Connection string stored in registry

[nbs.tag]

hey guys heres my question. I was told by a little birdie that .net 2.0
has the ability to read a connection string directly from a registry
key. so in the registry key a string value of say :
database=northwind;user=username;password=pw; is stored at

software/myApp/connSTR in the registry, i was told its possible to just
place

<connectionStrings>
<add name="asd"
connectionString="value=registry:HKLM\SOFTWARE\myApp/connSTR;"
</connectionStrings>

or somehting of the sorts in the web.config file and it could read the
string back. Is this possible and if so, what would be the correct
format for soing so?

 

[Guest]

The real question I think is, why do you want to do that? It's not a good
idea IMHO.

If it were me, I would store the connection string right in the web config
file and have it encrypted. (for encrypting web config sections see:
http://msdn.microsoft.com/msdnmag/issues/06/05/ExtremeASPNET/ )

This way you avoid some issues such as dealing with missing registry key's
when you port your code from environment to environment.

 

[nbs.tag]

I want to do it because who i work for wants it, basically, lol. We
dont need to worry about enviorments as this will not be a problem
since it will be used for internal use among our designers. Were doing
this so that we can have 1 constant and acurate connection string that
our designers can use the same one over and over again. We want it done
this way for simplicity and not really for security.

 

[Guest]

nbs.tag,
Still not a good idea, IMHO. If the objective is to have "1 constant and
acurate connection string that our designers can use the same one over and
over again.",
then put it into Global.asax as a string constant, and call it
"DEV_CONNECTION_STRING" or something to that effect.

Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com

 

[nbs.tag]

the only problem is its not my option, im told is this possible cause
this is what i heard, doesnt matter if its good or not, we just want to
know can it be done, it doesnt necesarily mean well use it

 

[Guest]

Well according to this article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;329290

The only sections in the web config that allow the "registry:" syntax are:

<identity userName= password= />
<processModel userName= password= />
<sessionState stateConnectionString= sqlConnectionString= />

Now, that artcle applies to ASP.Net 1x, so I'm not sure if they have
enhanced it for 2.0. You can try it to experiment and see if it does work.

Please realize I am NOT advocating you doing this. But you wanted an answer
to your question.

 

[Mythran]

hey guys heres my question. I was told by a little birdie that .net 2.0
has the ability to read a connection string directly from a registry
key. so in the registry key a string value of say :
database=northwind;user=username;password=pw; is stored at

software/myApp/connSTR in the registry, i was told its possible to just
place

<connectionStrings>
<add name="asd"
connectionString="value=registry:HKLM\SOFTWARE\myApp/connSTR;"
</connectionStrings>

or somehting of the sorts in the web.config file and it could read the
string back. Is this possible and if so, what would be the correct
format for soing so?

Check out Microsoft Patterns and Practices, Data Access Application Block.
By using the Configuration Application Block along with the DAAB, you can
store the connection strings and encrypt them at the same time, without
manually handling the encryption stuff

Anywho, to just use plain jane web.config file to store the connection
string, just place the following in your web.config file:

<appSettings>
<add key="DevConnStr" value="connection string here" />
</appSettings>

This is one way to do it...I have also heard about the connectionString(s)
element .. read something about it yesterday...somewhere..


HTH,
Mythran

 

[nbs.tag]

The thing is, i dont wanna now whats best, like encryption, or a global
file, i just wanna know is this possible, what i am describing is it
possible, ive already seen the the part where they describe getting
back the username, pw, etc, and ive alrady looked into the enterprise
tool and as far as i can tell it will not allow me to do what i want to
do

 

[Saad Rehmani]

Just wondering ...

If this is in a Windows environment, why not use 'Integrated Security' and
not have any sensitive information in the connection string?

 

[Mythran]

hey guys heres my question. I was told by a little birdie that .net 2.0
has the ability to read a connection string directly from a registry
key. so in the registry key a string value of say :
database=northwind;user=username;password=pw; is stored at

software/myApp/connSTR in the registry, i was told its possible to just
place

<connectionStrings>
<add name="asd"
connectionString="value=registry:HKLM\SOFTWARE\myApp/connSTR;"
</connectionStrings>

or somehting of the sorts in the web.config file and it could read the
string back. Is this possible and if so, what would be the correct
format for soing so?

Check out aspnet_regiis utility. This does something similar to what you
want (although, it encrypts the data not just sets it up for use in the
registry). It takes the connection string from the app.config file,
encrypts it and stores it in the registry then places a pointer to this
registry value in the spot where the connection string was at in the
app.config file.

Once again, I know this isn't exactly what you wanted, but it's as close as
I could find.

Mythran