Bing Maps WPF Beta Control : Hide credential from snoop

2011年11月22日下午 09:05

0

Hi,

We bought a Bing map key and we plan to used it with the Wpf control. I realize than I can snoop the "CredentialsProvider" property of the Map control and read the ApplicationId (Witch is the actual key string). Is there a way to prevent this?

所有回覆

2011年11月23日上午 05:12

0

Right now there is no way to hide the keys, which is same as Ajax controls as well! Since keys can be obtained from bing portal site, they do not expose much harm. Any illegal use can be tracked through the key usage from bingmapportal site.
MSFT
Hemant Goyal

2011年11月23日下午 03:08

In my case, I successfully hide the key to the trivial curious without creating any bug.

But how somebody could get my key on the bing portal?

//Created a super class of ApplicationIdCredentialsProvider and override ApplicationId
public class HiddenCredentials:ApplicationIdCredentialsProvider
{
    public HiddenCredentials(string applicationId): base(applicationId){ }

    public new string ApplicationId
    {
        get
        { 
            return "Curiosity is a virtue.";
        }
        set
        {
            base.ApplicationId = value;
            OnPropertyChanged("ApplicationId");
        }
    }
}    

//Then set the credentials provider manually in the code
public class MyUserControl : UserControl
{
    public MyUserControl()
    {
        InitializeComponent();
    }
    private void UserControl_Initialized(object sender, EventArgs e)
    {
        myMap.CredentialsProvider = new HiddenCredentials("mykey");
    }
}

已編輯 Julien Poirier 2011年11月23日下午 03:12
已標示為解答 Julien Poirier 2011年11月25日下午 01:19

2011年11月23日下午 05:49

0

I meant, since users can get new key from bing maps portal easily, there are very less chances that any body can use your key.

Also, you can view the usuge of your key from bing portal site.
MSFT
Hemant Goyal
2011年11月25日下午 01:24

0

What I'm trying to prevent is for others to use MY key. Yes, keys are easily available, but the developer keys are only valid for 90 days; after that they are limited. If I'm using my key alongside a purchased licence for Bing Maps Geocoding and Imagery services, it seems to me the smart thing to do would be to hide that key so that someone else does'nt use it in their application, consuming MY transactions and sesssions.