473,398 Members | 2,393 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > is storing connection string in a session variable a good idea?

Join Bytes to post your question to a community of 473,398 software developers and data experts.

Is storing connection string in a session variable a good idea?

I have an application where a have a single admin database and multiple
customer databases containing the customer's warehouse data. In the
admin database I hold a user table and also a client table which holds
the encrypted individual clients connection string to their database. At
the moment on every page of my web app I make a call to the admin
database to retrieve the connection string and then decrypt it (the
web.config holds the encrpyted connection string for the admin
database). I was wondering if it might be easier just to set a session
variable to the value of the decrpyted client connection string on login
and then on each page set a property for the client connection string to
the value of this session variable.
Do you think this is this a good idea or not?
Joe

*** Sent via Developersdex http://www.developersdex.com ***
Apr 1 '06 #1
1 4034
HK
I say "not" because if anyone manages to upload a simple ASP page to your
website, they could have that ASP page iterate through all session variables
and display to the screen.

Also, you have the problem of potentially not maintaining session state on
100% of browsers, but that can be worked around fairly easily by just
calling your routine again if you don't have the answer in the session
variable.

You might consider a session variable that is encrypted well. Then you just
decrypt it on the fly in your code upon each use.
"booksnore" <sa******@plandatamgmt.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
I have an application where a have a single admin database and multiple
customer databases containing the customer's warehouse data. In the
admin database I hold a user table and also a client table which holds
the encrypted individual clients connection string to their database. At
the moment on every page of my web app I make a call to the admin
database to retrieve the connection string and then decrypt it (the
web.config holds the encrpyted connection string for the admin
database). I was wondering if it might be easier just to set a session
variable to the value of the decrpyted client connection string on login
and then on each page set a property for the client connection string to
the value of this session variable.
Do you think this is this a good idea or not?
Joe

*** Sent via Developersdex http://www.developersdex.com ***

Apr 1 '06 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Storing data for future visits
by: Francisco | last post by:
I have this problem: I have a database with information about games, and users are able to vote for them. Everytime a user votes for a game I store the unique game name into a session variable (an...
PHP
14
ADO Connection object in Session_OnEnd
by: Agoston Bejo | last post by:
Hi! Why doesn't the following code work? Sub Session_OnEnd Dim Conn Set Conn = Server.CreateObject("ADODB.Connection") Conn.ConnectionString = Application("Connection_String") Conn.Open ...
ASP / Active Server Pages
2
storing connection string in session
by: Shyam | last post by:
Hi, I wanted some advice on the following. All the users who log in to the system are created in the SQL Server. As I am not keen to store any user information on the web.config file for...
ASP.NET
2
Storing OleDBConnection in Session
by: Curt tabor | last post by:
Hi, I have several pages in my app that all use the same oleDBConnection(s). When this connection gets created, I store it as a Session variable so that other pages can access it w/o having...
ASP.NET
37
change connection string dynamically
by: sam44 | last post by:
Hi, At startup the user log on and chooses the name of a client from a dropdownlist, which then changes dynamically the connection string (the name of the client indicates which database to use)....
ASP.NET
9
Best practice : storing objects in session-variables ?
by: david | last post by:
I have a class with some business-logic and with every roundtrip, I need an instance of this class, so I have to create it, every time again. That doesn't seem very efficient. I thought it would...
ASP.NET
5
storing database connection strings
by: djc | last post by:
is it still customary to use web.config and global.asax to store connection strings? For example storing the string in web.config and using application start procedure in global.asax to declare a...
ASP.NET
3
Storing a user created object as a session variable
by: RSH | last post by:
Hi, I have a situation where I have created an object that contains fields,properties and functions. After creating the object I attempted to assign it to a session variable so i could retrieve...
ASP.NET
6
Problems storing upload file in session (ObjectDisposedException)
by: J055 | last post by:
Hi I have the following code. I upload an XML file using the FileUpload object, store the stream in a session so the user gets the chance to confirm some options then pass the stream from the...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!