3 is, by far the easiest. If you want to encrypt the string, which is wise,
you will have to use one machine to export the encryption keys. There are
pages on MSDN for encrypting connection strings on a web farm using the
built-in encryption.
You can encrypt separately on each machine, but you will have to encrypt
separately on each every time there is a change.
NOTE: In 2.0, you can put the connection strings in a separate file
Other alternatives
Global.asax - What? Are you high? - Global.asax is not secure if someone
compromises the code, so it really offers no security benefits. It is also
"hard coded" unless you put source on the web server. I would call
global.asax bad form.
Machine config is an decent option. It is a more attractive option if
multiple apps on the machine use the same connection string.
Registry is an option that is more secure than config, etc.
You can set up a web service to deliver configuration settings - unless you
are reusing the bits, this is overkill
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
http://gregorybeamer.spaces.live.com
*************************************************
Think outside the box!
*************************************************
"Jeff" <it************@hotmail.com.NOSPAMwrote in message
news:uX**************@TK2MSFTNGP06.phx.gbl...
Hey
ASP.NET 2.0
I'm preparing for a www.123assess.com test and in that intention I
yesterday took a skill assessment test at microsoft.com. Today I'm
reviewing some of the questions I had problems with:
One of the questions was about where the connections string should be
placed in a web farm configuration. In this scenario there were several
web applications which all are using the same connection string. The
connection string should in this scenario be placed in the most central
location possible. Below are the 4 alternative answers to the question:
These were the alternative answers:
#1: In each application's Global.asax
#2: In the Machine.config on one of the web servers
#3: In each application's Web.config file
#4: In the Machine.config file on each web server
I think alternative #4 is correct, but I'm not 100% sure about it.
any suggestions?
Jeff