I want to store connection string in cookies. But only server part is visible when i retrieve connection string from cookies. Can i store connection string in cookies? Based on company and unit i want to access database connection string and store it in cookies. so that for specific company there is specific connectionstring. Please Help me.
A:
Do NOT store any sensitive information (such as connection strings) in Cookies!
You are asking to be hacked...
[Note: The fact that you think you need different connection strings for "each company and unit" would indicate a separate database for each; perhaps not the ideal way to go...]
Mitch Wheat
2010-10-16 08:44:02
My application is running on Lan only. There is no chance of security breach.
Mohan Sharma
2010-10-16 08:44:59
you think? .... Regardless, cookies should not contain connection strings
Mitch Wheat
2010-10-16 08:46:34
where should i store connection string so that for particular company there is a particulare connection string.
Mohan Sharma
2010-10-16 08:46:38
@Mohan Don't be foolish - that's flawed in two senses, firstly the assumption that all risks are external to your business and second that the app will remain within the lan. You *really* don't want to do this.
Murph
2010-10-16 08:47:13
@Murph Where Should i store connection string?
Mohan Sharma
2010-10-16 08:52:26
First of all, I am not sure why you would want a separate database for each client - it makes more sense to use the relational nature of the database to separate individual user data. However, if you end up doing it that way I would suggest using ASP.NET profiles. Profiles are based on cookies, but the sensitive information would be stored in the database, not in a cookie.
NightOwl888
2010-10-17 11:17:35