Search code examples
c#.netcredential-manager

CredentialManagement returning empty strings in production but not development

I'm having an issue using the Windows credential manager in a project. I am using it to replace the username and password on the connectionString in my appsettings, and in the development and QA environments everything works fine, but in the production environment (which I don't have complete access to) it does not. The issue is its returning empty string when I load the credentials from the target.

Here is where I am loading it:

 public static CredentialModel GetCredential(string target)
        {
        CredentialModel credentialDto = new CredentialModel();
        using var credential = new Credential
        {
            Target = target
        };
        credential.Load();
        credentialDto.UserName = credential.Username;
        credentialDto.Password = credential.Password;
        return credentialDto;
}

And this is the CredentialModel

public class CredentialModel
{
    public string UserName { get; set; }
    public string Password { get; set; }
}

And where I replace the credentials in the connectionString:

StringBuilder connectionString = new(host.Configuration.GetConnectionString("RemessasConnectionString"));
var credential = CredentialService.GetCredential("Pegasus");
connectionString.Replace("$userId", credential.UserName);
connectionString.Replace("$password", credential.Password);

ConnectionString = connectionString.ToString();

For debugging's sake I added a line to the log in order to see what was being added to the connectionString, and it is replacing it with an empty string in production, but the actual values in development.

I have one idea about the reason for this, the application is running with a windows user and that user does not have access to the windows credential manager in the production server (but I think this would return an error not just empty strings).

If anyone can point me in the right direction, or has any suggestions for me to try I am all ears.

Solution

  • As @richard-deeming pointed out, the its because the user running the application does not have access to the credentials stored since they were stored under a different account than the one running the service. Look at his comment for more detail.