Your application probably needs to communicate with a database of some kind. Naturally, that database isn’t open to the world – it needs to be protected and secured. The typical solution to this is to create a username and password combination (ideally, specific to each application or user that requires access) and configure the application with these credentials. In many cases, they’re simply stored in configuration, such as the
Using Trusted Connection
A trusted connection exists when the database server and the application server are running on the same windows network, and windows users can be authorized to access the database. In this case, the application is configured to run as a particular Windows account, and the database server is configured to grant this account access. The connection string doesn’t need to include any username or password information, and so can be stored in source control without fear of exposing secret data. The recommendation from Microsoft is, whenever possible, to use Windows authentication in this manner.
Once the application and database are configured, the connection string used for this authentication approach looks like this:
That’s it – no username or password data. If the only secret your application has is its database connection string, you can avoid having to deal with other ways of managing application secrets with just this one simple approach. Configure and use trusted connections between your application and its database, and you no longer need to store credentials in your applications’s configuration files (in development or in production).