Create SQL XmlRepository for storing Data Protection keys #2505
Comments
aspnet-hello
added
enhancement
|
From @urbanhusky on Monday, November 27, 2017 12:46:54 AM I'm trying to implement such a repository and I use EF. I struggle with figuring out how to properly resolve the corresponding I do the following: // Register db context
services.AddDbContext<DataProtectionDbContext>(
opts =>
{
var dpapiMigrationsAssembly = typeof(DataProtectionDbContext).GetTypeInfo().Assembly.GetName().Name;
opts.UseSqlServer(dpapiConnectionString, b => b.MigrationsAssembly(dpapiMigrationsAssembly));
});
// configure dpapi
services.AddDataProtection()
.ProtectKeysWithCertificate(GetCertificate()) // no support for rollover or revocation when using certificate?
.AddKeyManagementOptions(options => options.XmlRepository = new SqlDatabaseXmlRepository(/* TODO: how to resolve? Repository needs to be an instance and any DI would be for *right now* */)) |
|
I have an EntityFrameworkCore implementation of this along with tests and a sample ready for review. Please let me know if it is ok to submit a pull request. |
|
@dansward thanks for your PR to kick off the conversation on this subject. We would be interested in taking a well-written PR to create this feature. At minimum, we would hope to see an implementation that satisfies the following:
These requirements are pretty high-level, so let's have a conversation about the options for implementing these. One option includes using Entity Framework Core, but that is not the only alternative. |
natemcmaster
changed the title
|
Done in aspnet/DataProtection#303 and aspnet/DataProtection#323. Thanks @dansward! |
- Required to log long-running tests - Will help investigate aspnet/KestrelHttpServer#2503
- xUnit diagnostic messages were enabled in #2505 to help identify hung tests - However, this also enables log messages for non-serializable theory data (aspnet/KestrelHttpServer#2509), which adds noise to logs - It doesn't seem possible to disable the "non-serializable data" messages but keep the "long-running test" messages - Converting all tests to serializable theory data is expensive and complicates test code - The best solution for now is to revert xUnit diagnostic messages to disabled, and re-enable when needed to identify hung tests
…-master [automated] Merge branch 'release/2.2' => 'master'
ghost
locked as resolved and limited conversation to collaborators
From @janpieterz on Saturday, October 7, 2017 8:02:51 AM
Would make sense as it's one of the most common shared pieces of infrastructure between multiple servers.
It's mentioned in aspnet/DataProtection#145 but doesn't seem to have been built.
Copied from original issue: aspnet/DataProtection#280
The text was updated successfully, but these errors were encountered: