ASP.NET/SQL Server key manager application

By aaron.axvig, 27 April, 2007

This is a project I worked on mostly a few months ago: an application to keep track of license keys and which computers certain keys have been activated on.  It is primarily designed for internal use by an organization.  Being quite simple, it does not have a lot of features, but this also makes it easy to use I hope.  Here is a screenshot of the main page:


And then there are a couple of different screens for adding items; here is one of them:


You can view details of a key, software, computer, or installation:


Lastly, there are a few different list views for various things, like all the keys that you have for a certain software package:


A few caveats regarding the quality of the application:

  • There is no protection against dumbness.
  • No limits on data input, and database fields are varchar(max).
  • Should be relatively save against SQL injection attacks, as all data is passed as parameters to stored procedures.
  • No foreign key checking.  So if you delete a software from the database that still has keys that refer to it, bad things may happen.
  • Delete is permanent.  Be careful.
  • I'm quite sure something will be discovered to be broken for this first release.  So there is room for improvement.

Now some positives:

  • Activation is not permanent.  If you change something to not be activated, it will update the software's activation totals.  So you could use this field to track how many computers the key is used on if you really wanted to.
  • In fact nothing is permanent.  You can all of the data you have entered as you need to.
  • Clean design.
  • Database is simple if you really need to go in and edit something by hand.
  • Released under GNU General Public License.

You can get the application here.  You should have a machine with ASP (probably 2.0 is required) installed, and SQL Server (tested on SQL Server 2005).  Unzip the precompiled files into a web directory.  One file is called procedures.sql, and you must run the text of this in a SQL Server Management Studio window in order to create the 4 tables and 27 stored procedures.  Delete or move it when you are done.  Then you must modify the connection string in the web.config file to allow for a connection to your SQL Server.  While in the web.config file you can change the text that appears as the main logo (doubling as the home button) of each page.

To keep everyone on the Internet from viewing your keys, you should implement some security.  I do this by disallowing anonymous access in IIS and requiring Integrated Windows Authentication.  Then any domain users that have NTFS permissions to the files in that directory can view the keys.  Users only need read access to the directory.  In my testing the page could not be shown unless the viewer was authenticated as something, but I wouldn't rely on that keeping everyone out (I think it was the web.config authorization setting that was doing this).  Much better to set those NTFS permissions.

The lack of complete automation and difficulty of setup means that unless you have some experience with web servers, ASP, and SQL you are probably going to find it difficult to get it to work.  I plan to add more documentation and make it easier in the future.  Of course if you ask questions or leave thanks in the comments I will answer them to the best of my ability, and also be greatly encouraged to know that someone else is out there using this.  :)