Database Connection - Development to Production

[Matt]

Hello,



What is the best way to handle the database connection string for a class
library project that will be compiled and used as a .dll? This .dll will be
accessed via classic ASP and in the future by ASP.NET pages. I have created
a constant that contains the connection string (as shown below).



Private Const sConnStr As String =
"Server=ServerA;Database=Intranet;Uid=username;Pwd=password"



This connection string is for the development server. When I deploy to the
production server I don't want to change the connection string to the
Production server's credentials. I am new to creating a.dll so please bear
with me here. I am a web programmer. In my classic ASP I utilize Server_Name
scripts to set the proper connection string based on the server the
application is running on. Is there a similar method to accomplish this
within a .dll? I know from my ASP.NET pages I could use the web.config file
but I can't do that from classic ASP pages. I want to maintain the
connection string within the dll itself. Any detailed examples or a link in
the right direction would be much appreciated.



Thanks in advance,

Matt

 

[Kevin Spencer]

web.config file.

--
HTH,

Kevin Spencer
Microsoft MVP
Professional Numbskull

Hard work is a medication for which
there is no placebo.

 

[smc750 via DotNetMonster.com]

There many ways to store connection strings. Unfortunately, they all involve
more code. In the days of ASP, we would store multiple connection strings in
the com dll one for production, testing and development. Then we would
require an extra parameter in our query strings when navigating to the asp
page. For instance, myapplication.asp?db=D where D meant development. Each
asp page would store this variable and send it as parameter to the data
access layer so it knew which connection string to use. I don't recommend
storing connection strings in the code. If your network administrator
migrates the database to another server then you will have to do another code
deployment.

Other ways, may be to store the connection string in the registry, web config
file or even a centrally accessible database. All these methods can use
encryption and removes the dependency of the connection string on the
assembly. To prevent having to change the connection string based on the
environment you can store all the connection strings and like I stated above
somehow detect what environment you are on and use the appropriate connection
string.

smc750
http://www.certdev.com

 

[Steven Cheng[MSFT]]

Hi Matt,

Storing connectionString in dll itself is ok. However, it'll make the
connectionstring hard coded and not possible to modify, if you do not care
about this ,then you can just use this approach.

As for .net framework application, we would suggest store connectionString
in application's config file(app.config or web.confing), this can make the
connectionstring's management very convenient and flexible. Also, .net
framework (especially 2.0) has powerful support on config file's
reading/writing....

#Storing and Retrieving Connection Strings
http://msdn2.microsoft.com/en-us/library/ms254494.aspx

Also, if the connectionString will be used in ASP.NET application, we can
perform encryption on them through DPAPI or RSA key:

#How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
http://msdn.microsoft.com/library/en-us/dnpag2/html/paght000006.asp?frame=tr
ue


Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[Matt]

Thank you very much.

The config files are the way to go for all of my ASP.NET applications. I
agree with that. Unfortunately, all of our applications are still classic
ASP and I will require the connection information to be contained within the
dll at this time. I understand that it will be hard coded. Is using ini
files a method of the past? We have other VB 6 programmers here and they use
ini files to store their connection information.

The dll is a Security Control object that I created. It consists of a few
classes that read data from a database to populate the object properties and
collections.

Soon I will be making a post dedicated to converting classic ASP
applications to ASP.NET applications. I have yet to begin to research this
yet so if anyone has any insight or links to articles you could supply me
with it would be much appreciated. I should start a new post for this topic
though.

Thanks again.

 

[Steven Cheng[MSFT]]

Thanks for your response Matt,

As for classic ASP to ASP.NET's migration, the MSDN asp.net developer
center has provided some good articles:

#ASP to ASP.NET Migration Guide
http://msdn.microsoft.com/asp.net/reference/migration/aspmig/default.aspx

And the www.asp.net is also a very good place to get many new info about
ASP.NET.

Hope this also helps.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)