How do you deal with connection strings when deploying an ASP.NET site?

Question

Right now our test and production databases are on the same server, but with different names. Deploying has meant editing Web.config to change all the connection strings for th

Answer 1

I've been in a few places now that store them in the registry.

There's probably more elaborate ways to do it now but a lot of code I've worked on with a 1.0/1.1 heritage store the strings in the registry.

The registry has a few advantages

1. It keeps people from deploying the code to the wrong places since machines not configured properly will lack the keys
2. It eliminates the problem wherein a developer will accidentally package a web.config file with the development connection strings in it (followed by a frantic phone call in the middle of the night wherein it is revealed that the late night sysadmin did not back up the previous web.config and the developer does not know or recall the production strings)
3. It limits the possibility of a hacker being able to get the connection string by fetching the web.config off of the machine. Plus the registry has more levels of security than the filesystem.