Similar but different:

Hi all, I've got a C# WinForms application hooking up to some database server. The database connection string, together with a generic user/pass, is positioned inside a NHibernate configuration file, which is based on exactly the same directory because the exe file.

Now I've this problem: The consumer that runs the applying shouldn't become familiar with the username/password from the general database user because I'm not going him to rummage around within the database directly.

Alternatively I possibly could hardcode the bond string, that is bad since the administrator must have the ability to change it out when the database is moved or maybe he really wants to switch between dev/test/push conditions.

Such a long time I have found three options:

  1. The very first recommended question was generally clarified by making the file only readable for that user that runs the applying.

    But that is not insufficient during my situation (the consumer running the applying is really a person. The database user/pass are general and should not be also accessible by the pack leader.)

  2. The very first answer furthermore suggested to secure the bond data before writing it towards the file.

    With this particular approach, the administrator won't be able any longer to configure the bond string while he cannot secure it manually.

  3. The second recommended question offers an method for this very scenario however it appears very complicated.

My inquiries to you:

  1. This can be a very general problem, so is not there any general "how-to-do-it" way, in some way a "design pattern"?

  2. Can there be some support insWeb's config infrastructure?

  3. (optional, maybe from scope) Can One mix that simply using the NHibernate configuration mechanism?


In reaction towards the first solutions: You will find the key reason why I may wish to connect with the database directly and not make use of a web service:

  • (N)Hibernate are only able to be utilized having a database, not webservices (shall we be held right?)
  • We intend to provide offline capacity, i.e. when the database or network ought to be lower, the consumer can continue his work. To handle this, I am considering getting a nearby, in-proc database, e.g. SQL Server Compact, and taking advantage of MS Sync framework to synchronize it using the server database the moment it's up again.

Have you got any more ideas using this into consideration?

To begin with, letting untrusted customers connect with a database is usually not recommended. A lot of things will go wrong. Put an internet service inbetween.

Should you absolutely need to do it, allow it to be to ensure that it does not matter even when they obtain the account information. Limit their rights within the database to ensure that they are able to only perform couple of saved methods which have built-in security inspections.

Anything you do, you cannot provide the username/password of the fortunate user for an untrusted person. It is simply requesting trouble. Regardless of how you attempt to hide your qualifications inside an encoded string in the binary file or whatnot, almost always there is a method to locate them out. Obviously whether anyone'll really get it done is dependent how interesting your computer data is, but quietly wishing which means that individuals with debuggers will just make you alone isn't a excellent security measure.