I was bug hunting today and ran across some weird behaviour with OleDbConnection. Before we go on, I’d like to point out that the code I was looking at was NOT mine (Who’d connect with an OleDbConnection, when there is a perfectly good SqlConnection?). Anyway, the thing I noticed was that when you have an OleDbConnection object connecting to a SQL Server 2000 database, with the Password parameter set to something. After a call to Open(), the connection string doesn’t have the Password parameter in it anymore.
Here’s some code I wrote to confirm it:
class Class1
{
[STAThread]
static void Main(string[] args)
{
OleDbConnection connection = new OleDbConnection(
"Provider=SQLOLEDB.1;Persist Security Info=False;Password=password;"+
"User ID=user;Initial Catalog=catalog;Data Source=COMPUTERNAME;" );
Console.WriteLine("Before {0}",connection.ConnectionString );
connection.Open();
Console.WriteLine("After {0}",connection.ConnectionString);
Console.ReadLine();
}
}
And the output:
Before: Provider=SQLOLEDB.1;Persist Security Info=False;Password=password;User ID=user ;Initial Catalog=catalog;Data Source=COMPUTERNAME; After: Provider=SQLOLEDB.1;Persist Security Info=False;User ID=user; Initial Catalog=catalog;Data Source=COMPUTERNAME;
The names were changed to protect the innocent. To try it out, change Data Source to a real machine name, User ID to a real user id and Initial Catalog to a real db.
Why? Well, I can only speculate, but I’m guessing that it has to do with security, so no one can steal the information once the application has connected to the db. Could be the same for SqlConnection too. Anyone wanna try it out?