Login/Register
What is the best way for storing non-public configuration data in a .NET 4.0 application
Asked Answered
Solved c#-4.0app-configisolatedstorage
P

2

6

my application uses the standard app.config to store the public configuration data. However, there are still some other data which are not public, but they still must be accessible all the time, persistent, changeable from out of the application as well as manually in case of some problems.

For example imagine that the application stores some licensing information within a file which must not be public available. However, an administrator must be able to edit this file using notepad or similar (without any special editors), so cryptography is out of the game.

Would you use isolated storage? Do you have some other suggestions? Since the application is not using any database, please do not consider storing withing a DB as an option, too.

So the question is how to store application data so that it is not as easy to modify by hand as with app.config, but still easily editable for a power user.

Proximo answered 8/3, 2011 at 14:50 Comment(0)
S
1

What about an include file?

Like the file attribute in the appSettings Element or the SectionInformation.ConfigSource Property?

<configuration>
    <appSettings file="machine-specific.config">
        <add key="Application Name" value="MyApplication" />
    </appSettings>
</configuration>

The included file can be protected from public access with regular filesystem access rights.

I would definitely NOT use isolated storage for that. Encryption would be ideal but since that is not acceptable for you...

Using environmental variables would work too I guess... But I would probably not use it myself.

Selectman answered 8/3, 2011 at 14:59 Comment(4)
Thanks, I would take a look at this option. I do not want to deploy neither the encryption key nor a special tool for editing such files to all power users all over the world, hence encryption is not acceptable.Proximo
@Thomasek: Yeah, I understand your problems with the encryption. I realize I have forgot about another obvious location to store configuration: the system registry. Registry values can be hidden from normal users as well.Selectman
Wouldn't an administrator on the target machine have access to any file?Riess
@Cosmin: that is the point... Privileged users must be able edit the config (read the question).Selectman
M
0

I've had very good results Using Settings in C#.

You can easily manage application and user settings, which will be automatically stored in isolated storage by the class that Visual Studio generates. They support pretty much any type that is serializable in XML while still being strongly typed.

Mohl answered 8/3, 2011 at 14:56 Comment(2)
Sorry, I may have expressed myself not exactly...I'm talking about a deployed application, not about the source code. As far as I know are those settings files compiles as embedded resources into the exe/dll. SO how should be a power user able to edit these data?Proximo
The class generated by Visual Studio allows you to change the values of your settings at runtime and persist these changes. You can figure out where in isolated storage the file with the current values is, but I'd just create a small dialog or some command-line parameter to feed the information to the application.Mohl

© 2022 - 2024 — McMap. All rights reserved.