0

I have my custom webpart, which have access to database. I need to configure data source, catalog, username and password, which allows webpart a access database. I don't want that users can see, what is account name or password. What is best way manage user rights in SharePoint?

I have thinking couple ways, but I cannot tell are these ideas good and whether there are better ways manage this?

Idea1: I save all neasesery information to list and I somehow hide it from users? (HOW?) Webpart reads this list information and access a database.

Idea2: Hardcode connection string to webpart. However maintenance will suffer.

Idea3: Webpart settings and connection string, but then all users must set it and it will not work.

Improve this question

3 Answers 3

Reset to default
1

no need for any of those!

you just need to add it to web.config

http://msdn.microsoft.com/en-us/library/jj653752(v=vs.110).aspx

and

http://msdn.microsoft.com/en-us/library/ms228094(v=vs.85).aspx

somthing on the lines of:

<appSettings> <add key="SQLConnectionString" value="server=http://mysite.mysite.com;database=myDatabaseservername;uid=MyUserName;password=MyPassword;" /> </appSettings>

MyUserName and MyPassword would need to be changed to a user account that has access to the sql server...

server=http://mysite.mysite.com (You sql server name) and database=myDatabaseservername (your sql database name) need to be changed to the correct values! all can be found when logging in into sql server!

Improve this answer
1

Modifying the web.config should be your last choice, in case of SharePoint. Especially, if there are other possibilities, like the following:

Store the connection string, user name and password in the the property bag of the SPSite.RootWeb or SPWebApplication or SPFarm (depends on how granular you want to be with these settings). Data in the property bag is completely hidden from the end user. It can be set and retrieved only by code or by powershell - for both you need access on the SharePoint Server.

It's worth to check out this blog post too, if you have wondered about the difference between SPWeb.Properties and SPWeb.AllProperties.

Improve this answer
1
  • So far, I have been storing app key/values in web.config, and suddenly it is a criticized practice. Property bag at SPWebApplication or SPFarm level seems like an appealing option. Another practice was to store these settings in a secured list somewhere on the portal itself and access the settings via elevated code. I am curious what is the most efficient approach with minimal impact on performance of the web part. Commented Sep 11, 2017 at 5:29
0

Create a custom tool part for you password using a password text box as the control.

Its just a case of subclassing the ToolPart control then adding the password textbox in the CreateChildControls() method

This link goes into the full detail

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.