Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How is everyone storing connectionstrings?

Tags:

.net

asp.net

connection-string

web-config

I was wondering if people could post their solution to the ongoing problem of local databases and different connectionstrings among many developers in one project within source control?

More specifically, I'm talking about the problem where a project that is in source control and has many developers with a local database each. Each developer has their own connection string (named instance, default instance, machine name, username, password, etc). Every check in overrides the previous version and pulling the latest version results in using someone else's connection string.

So, people, which solution are you using for this problem? Extra points for explanations on why their solution works, pros, and cons.

EDIT Keep in mind that this answer shouldn't be targeted only to an enterprise environment where you have full control of the setup. The right solution should work for everyone: enterprise, startup, and open source devs.

Thanks!

like image 942
Jonas Stawski Avatar asked May 09 '12 21:05

Jonas Stawski

People also ask

Where are connectionStrings stored?

Connection strings can be stored as key/value pairs in the connectionStrings section of the configuration element of an application configuration file. Child elements include add, clear, and remove. The following configuration file fragment demonstrates the schema and syntax for storing a connection string.

What is the best way to store the connection string?

The best way to secure the database connection string is to encrypt the value within the configuration file. The application would then load the encrypted value from the config file, decrypt the value, and then use the decrypted value as the connection string to connect to the database.

Should you store connection string information?

A connection string presents a potential vulnerability if it is not secured. Storing connection information in plain text or persisting it in memory risks compromising your entire system.

Which is the best place to store connection string in .NET projects?

Answers. The best place, I would say, is in the web. config. And, since 2.0, you can encrypt the connection strings out of the box.

1 Answers

To me, your question seems to imply one of two outcomes:

  1. A connection string is specified in the Web.config file that is generic enough to work for all local versions of the database. You've indicated that this isn't an ideal setup in environments where you don't have complete control.
  2. Each developer is required to supply his or her own connection string that is never checked into source control.

A few others have already covered the first scenario. Use localhost and follow a convention for the database name. For option 2, I'd recommend specifying a config source that doesn't get checked into source control:

<configuration>
  <connectionStrings configSource="connectionStrings.config"/>
</configuration>

EDIT:

connectionStrings.config

<connectionStrings>
  <add name="Name" 
    providerName="System.Data.ProviderName" 
    connectionString="Valid Connection String;" />
</connectionStrings>

From: http://msdn.microsoft.com/en-us/library/ms254494(v=vs.80).aspx

connectionStrings.config would be a file in the root of the project that you specifically excluded from source control. Each developer would be required to provide this file when working locally. Your production connection string could be substituted via a Web.config transformation on build / deployment.

like image 107
Nathan Donze Avatar answered Oct 07 '22 04:10

Nathan Donze
Sign in to Comment

Related questions

Using async in non-async method
ASP.NET 5 : Is the "dotnet" command replacing "dnu" and "dnx" commands?
Web.Config transformation of custom config section
.isproj cannot be opened because of its project type (.isproj) is not supported
Does googlebot keep sessions when crawling?
Stop asp:PlaceHolder from removing whitespaces
System.Web.UI.ViewStateException: Invalid viewstate
Visual Studio shows "Updating source control status" after installing ASP.NET MVC 4 Beta
Showing custom error message on exception: A potentially dangerous Request.Form value was detected from the client
Sys.ParameterCountException: Parameter count mismatch
C#: The type 'Microsoft.Reporting.WebForms.ReportViewer' exists in both ReportingServicesWebUserInterface.dll and Microsoft.ReportViewer.WebForms.dll
AppSettings in App or Web Config Using a Linked File
Adding css in html that will be sent to an email
SelectedValues not working in MultiSelectList mvc
Paging the huge data that is returned by the Web API
How to Get Selected Value from Dropdown List C# ASP.NET
Cannot find .NET 5.0 Console App project template in Visual Studio 2019
Scope of HttpContext.Current.Items
Which one is faster reading an XML file or querying a database [closed]
app_offline.htm throwing HTTP 500 errors on production box

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!