Why are we using the machine.config file to store connection string although we have web.config file? Any help would be appreciated.
+3
A:
Anything stored in your machine.config will be available to any website configured under it. The web.config stores configuration data specific to that application, only. Here's a good article highlighting the differences between the two:
http://24x7aspnet.blogspot.com/2009/06/difference-between-webconfig-and.html
ianpoley
2009-11-11 18:36:52
+1
A:
We normally store connection strings encrypted in the Web.Config, although you can store it in the registry if you're concerned about security and encrypting the string in the web.config is not enough for you.
Se here: http://msdn.microsoft.com/en-us/library/aa302406.aspx
We have several apps and hundreds of connection strings. Storing them all in the machine.config would be a management nightmare. Then again, it might be a good way to centrally manage them and keep your dev web server pointing to the dev DB, while your live points to the live DB.. Interesting....
David Stratton
2009-11-11 18:38:13
Here's a fun one: store all but one in a database, and store an encrypted connection string for *that* database in web.config. Provides easy maintenance, sync/diff for production/staging/dev, etc. Note: I haven't done this, just thought it'd be funny.
David Lively
2009-11-11 18:48:50
Avoid the registry. It's clogged up as it is.
David Lively
2009-11-11 18:50:32
Man, the question changed, and now my answer doesn't even make sense in context.I hate that.
David Stratton
2009-11-11 19:00:16