TECHNOLOGIES
FORUMS
JOBS
BOOKS
EVENTS
INTERVIEWS
Live
MORE
LEARN
Training
CAREER
MEMBERS
VIDEOS
NEWS
BLOGS
Sign Up
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
Forums
Monthly Leaders
Forum guidelines
Kalil
NA
2
0
Setup & Connection String encoding
Feb 1 2006 2:39 AM
Hello,
I am totally new to ASP/C#/SQL and would strongly appreciate your help asap as security is a critical issue in the application I am trying to develop.
I read a lot about the need to encode the connection string and save it in web.config and for now, I just have a plain text connection string created in the code in the ASPX page.
I wonder however, if that's OK, given that the web server and application server are running on the same machine where the SQL server & database itself are also located. In that case, do I really need to hide and encode the connection string?
I guess I could use Windows authentication (I would need to set ASP.net as a valid user of SQL server?), but for now i am using SQL authentication (I need to create a SQL user with appropriate rights, that is not the sa). Is it OK to use SQL authentication?
Thanks a lot!
Reply
Answers (
0
)
How to create an X509-certificate with C# / .NET
grant access to users