473,326 Members | 2,805 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

storing connection string in session

Hi,

I wanted some advice on the following. All the users who log in to the
system are created in the SQL Server. As I am not keen to store any user
information on the web.config file for security considerations and I need to
use SQL logins for each user, I decided to create a class CurrentUserClass
(some what similar to the TTUser class in microsoft's ASP.NET sample Time
Track application) with properties like Name, First Name, LastName, Role,
Password, Display Name etc but in addition also a function that returns
connection string (all encrypted. Once the user is authenticated (via forms
authentication) I just create a new instance of the user class and store it
encrypted in the session. The name of my server and database are encrypted
and stored in my web.config file.

eg.
Dim myUser as New CurrentUserClass(UserName, Password, ....)
Session("CurrentUser") = myUser

myUser.ConnectionString will return the connection string picking &
decrypting the server and database information from the web config file

I use this Session all across wherever I need to make connections. Is this a
safe method ? Please advice.

Thankyou very much in advance and best wishes.

Regards,

Shyam
Nov 17 '05 #1
0 893

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

14
by: mjkahn | last post by:
I've read (and read!) that you shouldn't store objects in Session variables. I've read these reasons: - The object takes up memory that may not be freed until the session times out. Better to...
2
by: Shyam | last post by:
Hi, I wanted some advice on the following. All the users who log in to the system are created in the SQL Server. As I am not keen to store any user information on the web.config file for...
2
by: Curt tabor | last post by:
Hi, I have several pages in my app that all use the same oleDBConnection(s). When this connection gets created, I store it as a Session variable so that other pages can access it w/o having...
3
by: Brad | last post by:
I am storing an array which contains about a dozen chracter items to a Session variable. Later, I need to use this array so I am doing the following: Dim eventTypes As String() =...
1
by: Abhijeet Kumar | last post by:
Hi I am using SQL Server to store session State. For this i have to specify <sessionState mode="SQLServer" sqlConnectionString="data source=127.0.0.1;user...
1
by: booksnore | last post by:
I have an application where a have a single admin database and multiple customer databases containing the customer's warehouse data. In the admin database I hold a user table and also a client...
37
by: sam44 | last post by:
Hi, At startup the user log on and chooses the name of a client from a dropdownlist, which then changes dynamically the connection string (the name of the client indicates which database to use)....
6
by: Mike | last post by:
We are intermitantly receiving this error on our website. ExecuteReader requires an open and available Connection. The connection's current state is connecting. Following is the code from the Load...
3
by: RSH | last post by:
Hi, I have a situation where I have created an object that contains fields,properties and functions. After creating the object I attempted to assign it to a session variable so i could retrieve...
6
by: J055 | last post by:
Hi I have the following code. I upload an XML file using the FileUpload object, store the stream in a session so the user gets the chance to confirm some options then pass the stream from the...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.