THE SQL Server Blog Spot on the Web

Welcome to - The SQL Server blog spot on the web Sign in | |
in Search

Ben Miller

Centralized ConnectionString manager

Has anyone any opinions or real world experience in creating a centralized ConnectionString manager and what would be the mechanism to retrieve them?

We are going down this road so that there is a way to have connection strings in one centralized place to manage them there.  But with the cavaet that we would not want to introduce lessened security on this mechanism, so I would not imagine that storage in a database would necessarily be the place.  But I am not opposed to it.

Anyway, any ideas?

Published Monday, February 2, 2009 4:03 PM by dbaduck



cinahcaM madA said:

Have you checked out the .NET encrypted configuration files feature (first introduced with 2.0)?

(This says ASP.NET but it can be done in any .NET app)

February 2, 2009 5:30 PM

Jonathan Kehayias said:

I have a C# client that uses a WCF service to get all connection information.  The connection strings are stored in a secure SQL Database that only the DBA's and WCF service has access to.  To get the information you connect to the service and request the string needed by Key name.

They have a Service for Production, Dev, and Test.  The only thing carried in the .config files is the correct path and TCP address to the net_tcp service.

February 2, 2009 5:34 PM

Kevin Devine said:

We have been considering a setup like this, but I was wondering how you set up the Service to be highly-available?  The purpose behind the service we were trying to set up was for disaster recovery as well as security.  Maybe I am missing something I can do in C#/ to set this up (or possibly a clustered/mirrored web server?)

February 2, 2009 10:03 PM

fibrock said:

I have created a set of centralized connection tables and procedures that sit on a clustered SQL Server.  All the data is encrypted by the built in SQL server encryption mechanism.  I then have created stored procedures to insert and retrieve data out of these tables which handle the decryption and encryption of data.  The tables also keep track of the type of connection and the platform that the system is on, example Unix  ftp server, iSeries FTP server, SQL Server Login.

February 3, 2009 8:35 AM

cinahcaM madA said:

Kevin: You don't need a service, nor do you need to worry about high availability.  Use the built-in configuration file encryption (see the link I posted), and then all you need to worry about is pushing updated files out when needed.  All of the servers will manage their own connections at that point.  It couldn't be easier, and assuming that all of your servers are .NET there is no reason to over-engineer something like this.

February 3, 2009 9:52 AM

dbaduck said:

@Jonathan Kehayias - Is this something that you created?  Is it something that I could leverage or is it IP that cannot be shared?  This is exactly what I am looking for.

February 13, 2009 2:28 PM
New Comments to this post are disabled

About dbaduck

Ben Miller is a Senior Database Administrator for HealthEquity in Draper, UT. He has been working with SQL since SQL Server 6.0 (1998) and has had a variety of roles in his career, including SQL Support and MVP Lead at Microsoft.
Privacy Statement