Hi,
which is the best way to handle and keep the (oracle) userid and password in
an iis6 and asp intranet environment ?
In some articles it is written the the usage of the session object is not
recommended.
Thanks
Holger
Holger Osterbuhr wrote:
> Hi,
>
> which is the best way to handle and keep the (oracle) userid and
> password in an iis6 and asp intranet environment ?
It depends. However, many of us simply use #include files. If you're worried
about hackers gaining physical access to the files on your server, there is
not much that can be done about this. Even compiled dll's can be
decompiled. Make sure your server is locked down to make it harder for te
hackers.
>
> In some articles it is written the the usage of the session object is
> not recommended.
>
You're misinterpreting the articles, which are probably recommending that
you don't store ADO _objects_ in session or application. There is no problem
storing strings or agile objects in session/application (ADO objects are not
"agile").
The other objection to using session arises in web farm situations, since
the session is tied to the machine on which the session was initiated. If a
user is switched to another server during the session, the session
information will be lost.
Bob Barrows
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"