Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to eliminate usernames and passwords from source code in Test Automation?

I write test automation and scripts that require windows authentication to the domain to access.
I don't like keeping them in the app.config because they are available in plain text.
I don't like prompting for input because then it isn't automated anymore.
If I hard code them in the assembly they are visible from .Net Reflector and they get checked into source control when I commit the .cs files.
Is there a pattern / practice that makes it easy to use configured usernames and passwords without exposing them.

This also applies to web sites that have credentials to log in and databases the use either windows authentication or sql server authentication to connect.
Any advice would be greatly appreciated.

like image 329
Jeremy E Avatar asked Oct 28 '10 17:10

Jeremy E


1 Answers

Couldn't you use DPAPI to protect it?

There's an interesting MSDN article @ http://msdn.microsoft.com/en-us/magazine/cc164054.aspx

like image 145
dotalchemy Avatar answered Nov 15 '22 05:11

dotalchemy