Connection String Storage?

[al]

Hi,

what will be the place to store connection string properties (server
name and db)? .Net know offers other good alternatives to the
registry.


MTIA,
Grawsha

 

[Scott M.]

Web.Config works for me.

 

[Miha Markic]

Hi al,

It depends.
If it is static - store it in config file, otherwise you might consider
storing them in an xml file somewhere.

 

[William Ryan]

I agree with Miha and Scott, and web.config does a nice job of handling this
for you. Plus, if you store it in web.config, then you don't have to worry
about it being exposed by someone disassembling your code. For security
reasons, I'd advise storing it encrypted.

In addition you may want to check out this article
http://www.aspnetpro.com/NewsletterArticle/2003/12/asp200312pj_l/asp200312pj_l.asp
and this one
http://www.aspnetpro.com/features/2003/05/asp200305de_f/asp200305de_f.asp

HTH,

Bill

 

[Scott M.]

William,

Please don't post links to material that requires the user to be a
registered member.

 

[William Ryan]

Scott:

Sorry about that, I'm registered on a lot of sites so I didn't get the
prompt/realize this was the case. Anyway there's a free trial on that link
and it's easy enough to register for to view the article. My apologies for
the inconvenience though...I'll be more careful in the future.

Bill

 

[William \(Bill\) Vaughn]

Huh?
Lots of sites require free registration to help fund the content they
provide. Virtually all permit you to block email. Yes, a few (like some of
the magazines I write for) want you to subscribe to see the articles--they
paid to have them written in the first place. If you don't want to sign up
or subscribe, move on and look elsewhere for the information.


--
____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant
MVP, hRD
www.betav.com
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________

 

[Scott M.]

It's just not the best practice to suggest a link without informing the user
that the information is on a site that you must register for (free or not).

I'm not saying that these sites aren't worth signing up for. It's just that
to say "here's your answer" and then find that you have to jump through
hoops to get it, isn't the best way to communicate the answer in the first
place.

 

[Cor]

Hi Bill,

I agree with Scott. It is maybe a matter of culture but a lot of people are
from countries which have bad expirience with registrations, so they don't
like to do it.

Registrations from people in the EU needs to fulfil a very strict law in
that.

Cor

 

[Prodip Saha]

When I am being asked to be a member first, I click the Close button. That's
simple.

The best way to store user/password is storing them in the database and
expose them to an application through a dll using encription/decryption. The
approach, however, adds more complexity but you have the better security.

Prodip Saha

 

[Scott M.]

You would store a database connection string in a database?