Question:

It would be of great help if you can explain the following conflicting pieces of information. This is a remail of last Friday’s question.

From IIS Deployment.doc:

Modify the IdeaBlade Configuration File as Necessary

From IIS Troubleshooting.doc:

Verify that you get a valid location for IdeaBlade.ibconfig

The location of the IdeaBlade.ibconfig file should either be a loose file in the log directory of the virtual directory or as an embedded file. In the Tutorial on IIS Deployment, the IdeaBlade.ibconfig file is an embedded file in AppHelper.dll.

Warning:  Putting the IdeaBlade.ibconfig file in a log directory (parallel to the bin directory) is not supported on IIS 6.0 and may not work properly on IIS 5.x.

If you see that the location is IdeaBlade.Util, this means that IdeaBlade could not find either a loose IdeaBlade.ibconfig or an embedded one.

The loose file method definitely does not work with IIS 6.0. So what to do later when I want to deploy on IIS securely?

Sorry, I know its Friday but there is no extreme hurry. Maybe you already have been asked this one?

Answer:

There are two solutions to the problem of how to avoid an embedding connection string in an IIS Deployment.  The first solution can be used with IdeaBlade (our 1.1 product) and DevForce.  The second solution can only be used with DevForce,

The first solution is a poor solution, and I do not recommend it becauses it compromises security.  It requires giving additional access rights to the Network Service Account.  Some customers are O.K. with this solution, but many others are not.  For these latter customers, this is not a solution.

The second solution uses the DataSourceKeyResolver.  This is the ultimate solution and gives you maximum flexibility in how you can specify your connection string.  BTW, I recommend that you look at the FunHouse, it not only uses a DataSourceKeyResolver, but has significant security improvements in the area of IIS Deployment compared to the application I originally developed.