• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 422
  • Last Modified:

Can't read web.config file ConnectionStrings from ASP.NET Script with my ISP

I'm actually having a problem.  I can't find a way to read the connectionstring with my asp.net script for some reasons when i upload them at my ISP.  Locally, my code work perfectly.   Here's my code...
Dim oConfig As System.Configuration.Configuration
Dim sSQLConnection As String
Dim dbBYS As SqlConnection
oConfig = Configuration.WebConfigurationManager.OpenWebConfiguration("/.")
sSQLConnection = oConfig.ConnectionStrings.ConnectionStrings("MyDb").ConnectionString
dbBYS = New SqlConnection(sSQLConnection)
dbBYS.Open() ================================================================================

Here's the result when i run my script from when its hosted by my ISP:
"Security Exception
Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. "

If i replace the first lines by sSQLConnection = "my parameters to connect to my DB", it work.

Any idea how i could be able to read theses parameters to connect  to our DB without throwing an exception?

Is that a common thing to secure a web server this way?

Christian de Bellefeuille
Christian de Bellefeuille
1 Solution

the web app probably fails because it's running under medium trust and not full trust like when you try it locally.
You'd get the same error locally if you add <trust level="Medium" /> inside <system.web>

You can easily avoid this problem by using the following instead:

Dim sSQLConnection As String
Dim dbBYS As SqlConnection

sSQLConnection = ConfigurationManager.ConnectionStrings("MyDb").ConnectionString;
dbBYS = New SqlConnection(sSQLConnection)
Christian de BellefeuilleProgrammerAuthor Commented:
Thanks!  It worked!

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now