Visual SVN SQL Connection string amogst different developers

Question

We have recently hired new developers. Until now, we only have one developer who was committing all his changes on Visual SVN. But after new developers are hired, we are concerned about the security of our SQL credentials that reside in the web.config.

We either want (Not Prefered) to exclude web.config from the SVN and have all developers include their own version of web.config, which contains their SQL Connection string of the test machine. But we really don't need that. We want to have a class handle our sql connection string. That class should be designed in such a way that only the authorized computer should be able to connect to the production Sql server.

How does other teams tackle such an issue? can somebody help please?

Answer 1

You can store your connection strings in a seperate config file. You can use the configSource property to reference that file. That way, all developers will have their own connection strings. You add that specific file to the SVN ignore list, so it won't be sent to the SVN server when a commit is made.

<connectionStrings configSource="Config\connectionStrings.config"/>

Here's an example for the connectionStrings.config file:

<?xml version="1.0"?>
<connectionStrings>
    <add name="Name" 
     providerName="System.Data.ProviderName" 
     connectionString="Valid Connection String;" />
</connectionStrings>

There should be nothing else in the file. Just the <connectionStrings>...</connectionStrings> content. Also, check the MSDN documentation to see how the configSource attribute should be used.