 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / Security / April 2006Connection string issue when in a separate web.config
Using asp.net 2.0, visualstudio .net 2005, sqlserver2000. How do I get the myConnectionString when it is in a Web.Config located in a different folder. I used the following but it is not working. I have a App_Code\DAL folder. Inside it, I have a Db.cs file. I tried the following in the DB.cs file. //Get default connection string connectionString = WebConfigurationManager.ConnectionStrings["~/Secure/myConnectionString"].ConnectionString; I have created a folder inside my website folder, named Secure, and placed a web.cofig file that contains the following in the Secure folder. <?xml version="1.0"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <appSettings/> <connectionStrings> <add name="myConnectionString" connectionString="Data Source=MyDomain\MyServerName;Database=MydatabaseName;uid=xxx;pwd=xx;" providerName="System.Data.SqlClient" /> </connectionStrings> <system.web> </system.web> </configuration> My website contains a web.config file with the following contents: <?xml version="1.0"?> <!-- Note: As an alternative to hand editing this file you can use the web admin tool to configure settings for your application. Use the Website->Asp.Net Configuration option in Visual Studio. A full list of settings and comments can be found in machine.config.comments usually located in \Windows\Microsoft.Net\Framework\v2.x\Config --> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <appSettings/> <system.web> <!-- Set compilation debug="true" to insert debugging symbols into the compiled page. Because this affects performance, set this value to true only during development. --> <compilation debug="true"/> <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> <authentication mode="Windows"/> <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace. <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> <error statusCode="403" redirect="NoAccess.htm" /> <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> </system.web> <system.net> <mailSettings> <smtp from=""> <network host="smtp.myServer.com" password="" userName="" /> </smtp> </mailSettings> </system.net> </configuration> hi, the indexer on .ConnectionStrings expects the name of the connection string, in your case "myConnectionString". that said - which config entries WebConfigurationManager/ConfigurationManager can "see" depends on the location from where they were called if you want to access the connection string that is stored in ~/secure from ~/someOtherDir - this want work e.g. you can explicitly open the config file Configuration c = WebConfigurationManager.OpenWebConfiguration("~/secure"); return c.ConnectionStrings.ConnectionStrings["data"].ConnectionString; or just store the connection string in the root directory where it will be used... --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com > Using asp.net 2.0, visualstudio .net 2005, sqlserver2000. > [quoted text clipped - 74 lines] > </system.net> > </configuration> Your answer worked. However, now I need to know how to configure permissions on the Secure directory. We are using Windows 2003, and IIS6. What do we need to do regarding permissions for the Secure folder. > hi, > [quoted text clipped - 97 lines] > > </system.net> > > </configuration> I believe we have found the answer: Just add Network Service, and remove everyone. Again, Dominick thank you for the answer regarding my first question. You are .net rocking! > Your answer worked. However, now I need to know how to configure permissions > on the Secure directory. [quoted text clipped - 103 lines] > > > </system.net> > > > </configuration> your application identity needs read access to the config file - thats by default NETWORK SERVICE --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com > Your answer worked. However, now I need to know how to configure > permissions on the Secure directory. [quoted text clipped - 105 lines] >>> </system.net> >>> </configuration> This all worked for Asp.NET 2.0. Now, can someone tell me how to do this in Asp.NET 1.1? > your application identity needs read access to the config file - thats by > default NETWORK SERVICE [quoted text clipped - 112 lines] > >>> </system.net> > >>> </configuration> you can't - besides opening the file manually using xml reader e.g. But the normal configuration inheritance rules apply. --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com > This all worked for Asp.NET 2.0. Now, can someone tell me how to do > this in Asp.NET 1.1? [quoted text clipped - 117 lines] >>>>> </system.net> >>>>> </configuration> Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.