Skip to main content
A newer version of this page is available. .

ISecureDataConverter Interface


This interface is obsolete. Use the DevExpress.DataAccess.ISecureDataConverter interface instead.

If implemented, enables the Web Report Designer to use a custom algorithm for storing data source connection strings on the client.

Namespace: DevExpress.XtraReports.Web.ClientControls

Assembly: DevExpress.XtraReports.v19.1.Web.dll


[Obsolete("This interface is obsolete. Use the DevExpress.DataAccess.ISecureDataConverter interface instead.")]
public interface ISecureDataConverter :


When the SQL Data Source wizard obtains connection strings from the Web.config file, only the connection name is serialized with the report definition.

You can register a custom connection string provider. Based on the registration mode you choose, all the connection parameters or the connection name only are serialized along with a report data source. When the report serialized with connection parameters is passed to the client, these parameters are encrypted by applying the MachineKey algorithm. To provide a custom encryption mechanism, use the ISecureDataConverter interface.

The following code illustrates an ISecureDataConverter implementation that stores connections in an XML file.

using DevExpress.XtraReports.Web.ClientControls;
using System;
using System.Linq;
using System.Xml.Linq;
// ...

public class CustomSecureDataConverter : ISecureDataConverter {
    const string URI = @"E:\Temp\Connections.xml";
    const string XML_CONNECTION = "Connection";
    const string XML_ID = "Id";
    static XDocument document;
    static object lockObj = new object();

    static CustomSecureDataConverter() {
        document = XDocument.Load(URI);

    public string Protect(string entity) {
        var id = Guid.NewGuid().ToString();
        lock (lockObj)
            document.Root.Add(new XElement(XML_CONNECTION, new XAttribute(XML_ID, id), entity));
        return id;

    public string Unprotect(string protectedEntity) {
        return document.Root.Elements(XML_CONNECTION)
            .First(x => x.Attribute(XML_ID).Value == protectedEntity)

    public static void Flush() {

A custom Data Converter implementation should be registered at the application startup (by calling the DefaultReportDesignerContainer.RegisterSecureDataConverter<T> method) and released in the Application_End event (by calling the Flush method).

using DevExpress.XtraReports.Web.ReportDesigner;
// ...

protected void Application_Start(object sender, System.EventArgs e) {

protected void Application_End(object sender, System.EventArgs e) {
See Also