Develop Locally, Deploy to DiscountASP.NET

I'd like to develop on my local system and deploy to my web sites on discountASP.net. Locally I'm using SQL Server 2000, Visual Studio .NET 2003 and FrontPage 2003. My local system is a Win2000 desktop, WinXP laptop, and a Win2003 Server. It was a major hassle but I finally have Visual SourceSafe working with ASP.NET programs.

Because I may need to use Oracle in the future I'm using OleDB* instead of Sql*.

- Is there a site somewhere that describes "Best Practices" for developing locally and deploying remotely? Ideally I'd like local programs to default to SQL Server 2000 locally, and deployed apps to default to SQL Server 2000 running at DiscountASP.NET.

- When I drag an OleDbDataAdapter to a form eventually I get a message box,
"The password is saved as clear text and is readable in the source code and the compiled assembly."
I click the "Include password" button, but is this a problem? (I never include source code when I copy the project to a site on DiscountASP.NET.) Is there a better way?

Thanks.

-- Mark

 

.NET code is compiled to an intermediate launguage from the language in which you write your code. This is what is stored in the .DLL that you put the server. This, in turn, is compiled to machine code the first time the DLL is used -- this is called Just In Time (JIT) compilation. (you may hve notied that the first time you hit a new function on your site the pages take a whileto load) As a result, the DLL can be reverse engineered and your password could be read from your compiled code easily and there are readily-availble tools to do this. There are also tools to obfscuate (make unreadable) your DLLs.

I believe that the data adapters are a part of the code-behind for the page and not an object like a text box, but take a look at your pages. The properties for the controls are stored with the controls in the .ASPX file. Make sure this is not the case with your ASPX files.

To solve your portability problem and to avoid security issues, follow bruce's advice and store the connection string in the web config file. Read it back in the Page_Load() and override what you have in the oleDB Adapter.

There are lots of great ideas an practices out there, but try MS's site: www.microsoft.com/resources/practices/ for starters.
quote:Originally posted by bruce

I would store the connection information in the web.config file. when you upload your project using VS.net copy project, you can configure it to not overwrite the web.config file

Not sure about your second question... may be someone else can help.

quote:Originally posted by Mark Jerde

I'd like to develop on my local system and deploy to my web sites on discountASP.net. Locally I'm using SQL Server 2000, Visual Studio .NET 2003 and FrontPage 2003. My local system is a Win2000 desktop, WinXP laptop, and a Win2003 Server. It was a major hassle but I finally have Visual SourceSafe working with ASP.NET programs.

Because I may need to use Oracle in the future I'm using OleDB* instead of Sql*.

- Is there a site somewhere that describes "Best Practices" for developing locally and deploying remotely? Ideally I'd like local programs to default to SQL Server 2000 locally, and deployed apps to default to SQL Server 2000 running at DiscountASP.NET.

- When I drag an OleDbDataAdapter to a form eventually I get a message box,
"The password is saved as clear text and is readable in the source code and the compiled assembly."
I click the "Include password" button, but is this a problem? (I never include source code when I copy the project to a site on DiscountASP.NET.) Is there a better way?

Thanks.

-- Mark

</blockquote id="quote"></font id="quote">
</blockquote id="quote"></font id="quote">