473,387 Members | 1,766 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > best way for protect conn.strings?

Join Bytes to post your question to a community of 473,387 software developers and data experts.

best way for protect conn.strings?

hi
what is the best way to protect
the connection strings
keeping an effective, low overheaded access
to them ?

thanks
--
atte,
Hernán Castelo
SGA - UTN - FRBA
Jul 21 '05 #1
3 1277
"best" way will depend on your individual requirements. Here are a couple of
ways in what I think is least to most secure.

1. keep connection string in an include file or set into application
variable in global.asa
2. keep it in a text file that is not accessible through web, read it into
an app var in global.asa.
3. keep it in system registry, read in as needed or put in app var in
global.asa
4. embed it in an activex server-side component and call a method of that
component to open connections.

There are probably other variations as well.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"Hernán Castelo" <ba*********@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl...
hi
what is the best way to protect
the connection strings
keeping an effective, low overheaded access
to them ?

thanks
--
atte,
Hernán Castelo
SGA - UTN - FRBA

Jul 21 '05 #2
i'm using the first,
any recommendation for these option ?

the activex and registry approaches
are more expensive, talking in resources... no?

--
atte,
Hernán Castelo
SGA - UTN - FRBA

"Mark Schupp" <no****@nospam.com> escribió en el mensaje
news:u5*************@TK2MSFTNGP12.phx.gbl...
"best" way will depend on your individual requirements. Here are a couple of ways in what I think is least to most secure.

1. keep connection string in an include file or set into application
variable in global.asa
2. keep it in a text file that is not accessible through web, read it into
an app var in global.asa.
3. keep it in system registry, read in as needed or put in app var in
global.asa
4. embed it in an activex server-side component and call a method of that
component to open connections.

There are probably other variations as well.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"Hernán Castelo" <ba*********@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl...
hi
what is the best way to protect
the connection strings
keeping an effective, low overheaded access
to them ?

thanks
--
atte,
Hernán Castelo
SGA - UTN - FRBA


Jul 22 '05 #3
The amout of overhead in dealing with connection strings is pretty low considering all of the other issues involved with
storing stuff in memory say like dictionary objects or sessions. Really, the easiest thing to do, especially if you wont be maintaining the
code or you are on a team is to throw it in the global.asa file. They only way to get access to that is if the machine is compromised
in some way. Assuming that you know what you are doing and the server is patched and updated properly, the likelyhood that it will
be an issue is very small.

Bastard

On Thu, 11 Nov 2004 18:27:56 -0300, "Hernán Castelo" <ba*********@hotmail.com> wrote:
i'm using the first,
any recommendation for these option ?

the activex and registry approaches
are more expensive, talking in resources... no?


Jul 22 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Switching on strings...
by: slick_shoes | last post by:
What would be the best way to switch program flow based on a string the user enters? I found out the hard way that char*'s can't be used in a switch statement, so i've resorted to stringing if-else...
C / C++
6
Protect IL Code
by: YK | last post by:
All, What is the best way to protect IL code? --------------------------------------------------- Typical scenario: Visual Studio .NET 2003 includes Dotfuscator Community Edition, which...
.NET Framework
6
best use of strings
by: uidzer0 | last post by:
Hey everyone, I'm a little confused on the best way to declare character strings. I've seen many different ways to declare them such as: --- char string = "foobar\0"; --- char *string =...
C / C++
19
C and strings
by: Anthony Irwin | last post by:
Hi, I am new to c and am having trouble with strings can anyone give me some quick pointers or point me to a good c strings tutorial? Below is a program I am working on. Kind Regards,...
C / C++
4
Dyanically changing connection strings for SqlDataSource
by: Matt Colegrove | last post by:
I'm working on a web app that is published to a hosting service. I'm developing it on my local PC with VS 2005 and SQL Express. The hosting service DB is SQL Server 2000. I have two...
.NET Framework
16
FAQ Topic - How do I protect my javascript code?
by: FAQ server | last post by:
----------------------------------------------------------------------- FAQ Topic - How do I protect my javascript code? ----------------------------------------------------------------------- ...
Javascript
2
Read the connection strings in all web.config files in a box
by: =?Utf-8?B?U2JhdGNodQ==?= | last post by:
How will i read connection strings in all web.config files in one particualr machine?
C# / C Sharp
4
How to best compare three strings
by: ultragc | last post by:
Hi all. I am starting on javascript and need some help. Basically, I have a form in which I need to compare three text fields (string1, string2, and string3). The user must enter the exact text on...
Javascript
4
Which is best for storing strings: .resx or app.config?
by: Artie | last post by:
Hi, I've inherited an app that currently reads in hard-coded strings (like error messages) from app.config. It has been suggested that these would be better-placed in a .resx file. Is...
C# / C Sharp
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!