ConnectionString configSource not found when deployed to Azure

5
votes

I am securing my MVC5 project, by moving the connection strings out of web.config into an external file, and not checking this into source control, nor adding it to the project.

My web.config looks like 

<configuration>
  <connectionStrings configSource="ConnectionStrings.config" />

This works perfectly in development.

I have the website hosted in Azure WebSites, and I have manually defined the connectionstrings in the configuration portal.

The problem is that when I publish to Azure, I get the error "Unable to open configSource file 'ConnectionStrings.config'."

Is there a way to override the Connection Strings element in the web.config so it will not try and find the external file? Is Web Transforms able to do this?

Thanks in advance, all help appreciated

2
azureweb-configconnection-string

2 Answers

4
votes

Use a RemoveAttributes transform on the web.config and remove the configSource attribute on deploy to Azure.

2
votes

This is what I do:

<connectionStrings>
<add name="Entities" connectionString="" providerName="System.Data.EntityClient" />
</connectionStrings>

I use EF, so it expects that; if you have name = "myConnection" then that is what will be reflected above; connectionString="" can remain blank;

Then in azure -> Config, under Connection String, for Name I have Entities for Value I have my EF connection string.

Azure will over-write your web.config as long as you match the Name; does that make sense?

After messing around with this... this may seem like a workaround... strip out the connection string value from ConnectionStrings.config, then check it in commit and push, then add it to your ignore list (gitignore) commit and push., that should stop the errors from showing up since the file now exists; it doesn't have your sensitive data., and now the config values should propagate to the config - Im sure uve thought of this already but this seems like the simplest workaround.