Wednesday, August 27, 2008

Error from Goofy characters in SQL Connection string

I recently deployed a test app to one of our remote servers. I used an Ampersand (&) symbol in the SQL Server password to increase the password strength. When I replaced my development password for the remote server SQL Server password in the web.config, I was surprised by an ASP.Net Yellow Screen error. The error was not very descriptive because it indicated that I had the customErrors mode set to something other than "Off" (I was viewing the error from a Remote server). Actually, I did have customErrors mode="Off", but was still met with the same error. After making several other checks like Permissions on the web.config file, .Net Framework set to the correct Framework version, etc. I decided to open the web.config file using the IIS snap-in, which I almost never do. Fortunately the attempt was met with an error message indicating a syntax error in my web.config file which pointed directly to the Ampersand in my connection string password. Well that was a new one for me. Changed the password to replace the Ampersand with a different character and the problem was solved.

The moral of the story, if you keep getting the following Yellow Screen Runtime error from a Remote PC despite having customerrors mode="Off" set as indicated, you may have a syntax error in your web.config.

Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This customErrors tag should then have its "mode" attribute set to "Off".


Russ said...

So how do you specify a password containing an ampersand character in the web.config? As a developer, I do not have access/rights to change passwords and this could be an issue for us in the future. Thanks in advance for your thoughts.



Dean-o said...

I was fortunate to have access to change the password on the SQL Server. I wonder if it is possible to use some kind of escape characters or ASCII codes or something in the web.config. The problem appears to be in validating the web.config so maybe if the connection string was stored encrypted or in the registry, it would not cause the error.