2

I have an ASP.NET web project, and I've placed a dummy connection string in my web.config file pointing to an Azure Sql database.

<add name="YurClanConnection" connectionString="Placeholder connection string" providerName="System.Data.SqlClient" />

See this article for the reasoning behind this: http://www.hanselman.com/blog/HowToKeepYourASPNETDatabaseConnectionStringsSecureWhenDeployingToAzureFromSource.aspx

This works in production--the real connection string stored on Azure servers replaces the placeholder connection string in my project. From what I've read, putting your connection in Azure under Websites-Config in the app settings, stored as key/value pairs, is the right way to secure your connection string when using an Azure Sql database. However, this does not work in development.

What is the right way to store a connection string securely so that it works properly in both development and production, specifically when using an Azure Sql database?

Improve this question
5
  • Why doesn't that work in Dev? Haven't you got two websites, Dev and Prod? Why can't you change the connection string in both?
    – Maria Ines Parnisari
    Commented Jan 31, 2015 at 3:32
  • @l19 I'm not able to connect to my Azure Sql database when developing on my local machine, since my connection string is stored in Azure. However, my deployed website can connect to the database. I don't want to have to put my connection string in web.config during development, then remove/replace it with the placeholder connection string every time I deploy.
    – David B.
    Commented Jan 31, 2015 at 4:14
  • @l19 I want access to the database in development AND obviously on the deployed site.
    – David B.
    Commented Jan 31, 2015 at 4:15
  • 1
    When i work with azure web sites i do the following: create a database for development and create another database for production. In Web.Config, enter the connection string for the development database. In the azure portal, override the connection string with the production variant.
    – ZGFubnk
    Commented Feb 3, 2015 at 13:37
  • @dannl After further research, I've done just what you said, I think that's the best option unless someone has a better way. However, I've not only created a separate development database, I've also created a separate server for that database, since the credentials are visible in the connection string. The production database connection string is tucked away in Azure for security purposes. Thanks so much!
    – David B.
    Commented Mar 10, 2015 at 4:10

1 Answer 1

Reset to default
0

Here is how I have worked with databases locally and in Azure.

  • On the dev machine, have a database and your connections string
  • In Azure, create an Azure SQL database (or any other kind of database)
  • Go to the Web App Settings in Azure and scroll down to the section where you have connection strings and input the connection string for your db in Azure Picture here
  • Save and you should be fine.
Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.