One application used ConnectionString that read “Server=.\SQLEXPRESS; Database=MyDatabase; MultipleActiveResultSets=true; User ID=MyUser; Password=MyPassword; Connect Timeout=10;
”. Yes, I know all dangers of transporting user id and password in this manner, but trust me, there was no other choice for this particular scenario. It worked for quite some time and I was satisfied with it.
As upgrade went, I needed one additional connection. I saw no problem with it, I did it plenty of times:
public SqlConnection Clone(SqlConnection original) {
var clone = new SqlConnection()
clone.ConnectionString = original.ConnectionString
return clone;
}
However, in this particular scenario, all I got was “Login failed for user…” message. After some checking, I noticed one peculiar thing. My connection string, as far as SqlClient was concerned, was “Server=.\SQLEXPRESS; Database=MyDatabase; MultipleActiveResultSets=true; User ID=MyUser; Connect Timeout=10;
”. My Password field was completely missing!
ConnectionString gets cleaning treatment and password just gets omitted. Solution comes in form of one additional parameter. If we add “Persist Security Info=true;
” to out ConnectionString SqlConnection will give us enough rope to hang ourself and Password field will be preserved.