.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Jean Paul
Subhransu Sekhar Jena
satyapriyanayak
SP
abhays

Home >> Articles >> DataBase >> Post New Resource Bookmark and Share   

 Subscribe to Articles

Storing Connection Strings

Posted By:Shashi Ray       Posted Date: November 25, 2009    Points: 25    Category: DataBase    URL:   
 

To store database connection strings, you have a variety of options with different degrees of flexibility and security. Although hard coding a connection string within source code offers the best performance, file system caching ensures that the performance degradation associated with storing the string externally in the file system is negligible. The extra flexibility provided by an external connection string, which supports administrator configuration, is preferred in virtually all cases.

When you are choosing an approach for connection string storage, the two most important considerations are security and ease of configuration, closely followed by performance.

You can choose among the following locations for storing database connection strings:

  • In an application configuration file; for example, Web.config for an ASP.NET Web application
  • In a Universal Data Link (UDL) file (supported only by the OLE DB .NET Data Provider)
  • In the Windows registry
  • In a custom file
  • In the COM+ catalog, by using construction strings (for serviced components only)

By using Windows authentication to access SQL Server, you can avoid storing user names and passwords in connection strings. If your security requirements demand more stringent measures, consider storing the connection strings in encrypted format.

For ASP.NET Web applications, storing the connection strings in encrypted format within the Web.config file represents a secure and configurable solution.

Note   You can set the Persist Security Info named value to false in the connection string to prevent security-sensitive details, such as the password, from being returned by means of the ConnectionString property of the SqlConnection or OleDbConnection objects.

The following subsections discuss how to use the various options to store connection strings, and they present the relative advantages and disadvantages of each approach. This will allow you to make an informed choice based on your specific application scenario.

Note   The Configuration Application Management block allows you to manage configuration settings-from database connections to complex hierarchical data.

 

 

 

Shashi Ray


 Subscribe to Articles

     

Further Readings:

Responses

No response found. Be the first to respond this post

Post Comment

You must Sign In To post reply
Find More Articles on C#, ASP.Net, Vb.Net, SQL Server and more Here

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend