473,386 Members | 1,720 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > c# / c sharp > questions > connection string

Join Bytes to post your question to a community of 473,386 software developers and data experts.

Connection String

Hi All!

I've got an ado.net app with several win forms.
In the first form (form1) I connect to DB and in other forms I use
connection string generated by the form1 and stored in sqlconnection object
of form1.
If I use windows authorization of SQL Server everything works fine, but when
I use SQL Server authorization it doesn't work because sqlconnection object
doesn't store the password and as a result of retrieving connection string
from this object
I get connection string without password.

I know about "Persist Security Info". But setting it to true is not
reccomended.

Does anyone could help me to find a solution ?
Or should I use another way of connecting to DB from different win forms?

Thanks
Nov 15 '05 #1
5 3269
Hi Dmitry,

You should not keep the connection open. Keep a connection string with the
user name and the password in it in some configuration class accessible from
all of the forms. When you need to connect to the database, read the
connection string from the configuration and instantiate the SqlConnection
object with the string retrieved.

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Om**************@TK2MSFTNGP11.phx.gbl...
Hi All!

I've got an ado.net app with several win forms.
In the first form (form1) I connect to DB and in other forms I use
connection string generated by the form1 and stored in sqlconnection object of form1.
If I use windows authorization of SQL Server everything works fine, but when I use SQL Server authorization it doesn't work because sqlconnection object doesn't store the password and as a result of retrieving connection string from this object
I get connection string without password.

I know about "Persist Security Info". But setting it to true is not
reccomended.

Does anyone could help me to find a solution ?
Or should I use another way of connecting to DB from different win forms?

Thanks


Nov 15 '05 #2
Thanks Dmitriy for your reply.
Actually I dont keep connection open. I symply copy connection string from
sqlconnection
object from form1 to sqlconnection objects in other forms.
And here is the problem with retrieving the password.

Is your variant 'good' from the side of cecurity?
What can you say about it ? Isn't it safe to keep connection string in such
way?

Thanks.

"Dmitriy Lapshin [C# / .NET MVP]" <x-****@no-spam-please.hotpop.com>
сообщил/сообщила в новостях следующее:
news:O2**************@tk2msftngp13.phx.gbl...
Hi Dmitry,

You should not keep the connection open. Keep a connection string with the
user name and the password in it in some configuration class accessible from all of the forms. When you need to connect to the database, read the
connection string from the configuration and instantiate the SqlConnection
object with the string retrieved.

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Om**************@TK2MSFTNGP11.phx.gbl...
Hi All!

I've got an ado.net app with several win forms.
In the first form (form1) I connect to DB and in other forms I use
connection string generated by the form1 and stored in sqlconnection

object
of form1.
If I use windows authorization of SQL Server everything works fine, but

when
I use SQL Server authorization it doesn't work because sqlconnection

object
doesn't store the password and as a result of retrieving connection

string
from this object
I get connection string without password.

I know about "Persist Security Info". But setting it to true is not
reccomended.

Does anyone could help me to find a solution ?
Or should I use another way of connecting to DB from different win forms?
Thanks

Nov 15 '05 #3
> Is your variant 'good' from the side of cecurity?
What can you say about it ? Isn't it safe to keep connection string in such way?
Of course you should not store connection string with a password as plain
text in a disk file. However, I think it is quite safe to store it as a
plain text in memory, well, unless your application does not require strong
security considerations. You could at least store password encrypted and
substitute a placeholder like {0} with it at the moment you are going to
establish a connection.

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl... Thanks Dmitriy for your reply.
Actually I dont keep connection open. I symply copy connection string from
sqlconnection
object from form1 to sqlconnection objects in other forms.
And here is the problem with retrieving the password.

Is your variant 'good' from the side of cecurity?
What can you say about it ? Isn't it safe to keep connection string in such way?

Thanks.

"Dmitriy Lapshin [C# / .NET MVP]" <x-****@no-spam-please.hotpop.com>
сообщил/сообщила в новостях следующее:
news:O2**************@tk2msftngp13.phx.gbl...
Hi Dmitry,

You should not keep the connection open. Keep a connection string with the
user name and the password in it in some configuration class accessible

from
all of the forms. When you need to connect to the database, read the
connection string from the configuration and instantiate the SqlConnection object with the string retrieved.

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Om**************@TK2MSFTNGP11.phx.gbl...
Hi All!

I've got an ado.net app with several win forms.
In the first form (form1) I connect to DB and in other forms I use
connection string generated by the form1 and stored in sqlconnection

object
of form1.
If I use windows authorization of SQL Server everything works fine,
but when
I use SQL Server authorization it doesn't work because sqlconnection

object
doesn't store the password and as a result of retrieving connection

string
from this object
I get connection string without password.

I know about "Persist Security Info". But setting it to true is not
reccomended.

Does anyone could help me to find a solution ?
Or should I use another way of connecting to DB from different win

forms?
Thanks



Nov 15 '05 #4
Here's also a link to an article on securing connection strings:

http://www.dotnetwire.com/redirect.asp?newsid=5037

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl...
Thanks Dmitriy for your reply.
Actually I dont keep connection open. I symply copy connection string from
sqlconnection
object from form1 to sqlconnection objects in other forms.
And here is the problem with retrieving the password.

Is your variant 'good' from the side of cecurity?
What can you say about it ? Isn't it safe to keep connection string in such way?

Thanks.

"Dmitriy Lapshin [C# / .NET MVP]" <x-****@no-spam-please.hotpop.com>
сообщил/сообщила в новостях следующее:
news:O2**************@tk2msftngp13.phx.gbl...
Hi Dmitry,

You should not keep the connection open. Keep a connection string with the
user name and the password in it in some configuration class accessible

from
all of the forms. When you need to connect to the database, read the
connection string from the configuration and instantiate the SqlConnection object with the string retrieved.

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Om**************@TK2MSFTNGP11.phx.gbl...
Hi All!

I've got an ado.net app with several win forms.
In the first form (form1) I connect to DB and in other forms I use
connection string generated by the form1 and stored in sqlconnection

object
of form1.
If I use windows authorization of SQL Server everything works fine,
but when
I use SQL Server authorization it doesn't work because sqlconnection

object
doesn't store the password and as a result of retrieving connection

string
from this object
I get connection string without password.

I know about "Persist Security Info". But setting it to true is not
reccomended.

Does anyone could help me to find a solution ?
Or should I use another way of connecting to DB from different win

forms?
Thanks



Nov 15 '05 #5
Thanks for the link, Dmitriy!

"Dmitriy Lapshin [C# / .NET MVP]" <x-****@no-spam-please.hotpop.com>
сообщил/сообщила в новостях следующее:
news:Or**************@TK2MSFTNGP12.phx.gbl...
Here's also a link to an article on securing connection strings:

http://www.dotnetwire.com/redirect.asp?newsid=5037

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl...
Thanks Dmitriy for your reply.
Actually I dont keep connection open. I symply copy connection string from
sqlconnection
object from form1 to sqlconnection objects in other forms.
And here is the problem with retrieving the password.

Is your variant 'good' from the side of cecurity?
What can you say about it ? Isn't it safe to keep connection string in

such
way?

Thanks.

"Dmitriy Lapshin [C# / .NET MVP]" <x-****@no-spam-please.hotpop.com>
сообщил/сообщила в новостях следующее:
news:O2**************@tk2msftngp13.phx.gbl...
Hi Dmitry,

You should not keep the connection open. Keep a connection string with the user name and the password in it in some configuration class accessible from
all of the forms. When you need to connect to the database, read the
connection string from the configuration and instantiate the SqlConnection object with the string retrieved.

--
Dmitriy Lapshin [C# / .NET MVP]
X-Unity Test Studio
http://x-unity.miik.com.ua/teststudio.aspx
Bring the power of unit testing to VS .NET IDE

"Dmitry Karneyev" <ka******@msn.com> wrote in message
news:Om**************@TK2MSFTNGP11.phx.gbl...
> Hi All!
>
> I've got an ado.net app with several win forms.
> In the first form (form1) I connect to DB and in other forms I use
> connection string generated by the form1 and stored in
sqlconnection object
> of form1.
> If I use windows authorization of SQL Server everything works fine,

but when
> I use SQL Server authorization it doesn't work because sqlconnection object
> doesn't store the password and as a result of retrieving connection
string
> from this object
> I get connection string without password.
>
> I know about "Persist Security Info". But setting it to true is not
> reccomended.
>
> Does anyone could help me to find a solution ?
> Or should I use another way of connecting to DB from different win

forms?
>
> Thanks
>
>


Nov 15 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

17
empty connection string
by: AMC | last post by:
Hi, I'm using an include file to store the connection string to a database. Whenever I try to reference that string to open a connection in the page that includes the file I get the error 'empy...
ASP / Active Server Pages
0
Create a MS SQL Server Connection DataLink Properties Window
by: Jay Douglas | last post by:
Hello, I'm trying to create a Data Links Property window that behaves just like the dialog box in Visual Studio .Net for MS Sql Server connections. I've found a lot of examples that use...
C# / C Sharp
5
Database Connection - Development to Production
by: Matt | last post by:
Hello, What is the best way to handle the database connection string for a class library project that will be compiled and used as a .dll? This .dll will be accessed via classic ASP and in...
.NET Framework
37
change connection string dynamically
by: sam44 | last post by:
Hi, At startup the user log on and chooses the name of a client from a dropdownlist, which then changes dynamically the connection string (the name of the client indicates which database to use)....
ASP.NET
1
Change Connection String during runtime
by: Sankalp | last post by:
Hi, I am using VB 2005. My application has many data bound controls. The connection is stored in the app.config file. I want the application to start with a default connection string and while...
Visual Basic .NET
3
Database connection pooling in ASPx
by: fniles | last post by:
In the Windows application (using VB.NET 2005) I use connection pooling like the following: In the main form load I open a connection using a connection string that I stored in a global variable...
ASP.NET
6
Cintury
Unable to read data from the transport Connection
by: Cintury | last post by:
Hi all, I've developed a mobile application for windows mobile 5.0 that has been in use for a while (1 year and a couple of months). It was developed in visual studios 2005 with a back-end sql...
Mobile Development
0
Connection watching in VB.NET 2008
by: Robert Avery | last post by:
In VBA/VB6, I had a class (incomplete sample below) that watched and displayed for the user all connection events, so that I could easily see what SQL was taking a long time, and when it freezes, I...
Visual Basic .NET
2
Web.config and Connection String Management
by: Johnson | last post by:
I'm trying to fix a "sub optimal" situation with respect to connection string management. Your thoughtful responses will be appreciated. I just started with a new client who has a bunch of legacy...
.NET Framework
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM ╘ 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!