Is it necessary to override the membership and the role providers?

I'm working on a web app and I don't want to store the connection strings in the web or app config because of the requirements.

So far I have found the only way to achieve this -开发者_C百科 to override the membership and the role providers.

I also don't fully understand why do I also have to override a role provider when all authentication is apparantely handled by the membership provider?

Thank you

While the SqlRoleProvider and SqlMembershipProvider are separate concerns, they both talk to the same database (typically).

They each have a distinct configuration section and require an instance of a connections string.

I approve of the strategy you discovered on the other question and if you wish to use roles you will have to do the same thing, configuration in code, as you are doing for membership.

You should link to the other question to give context and prevent getting flagged as a duplicate.

I have found a solution online, which is a bit of a hack, but saves me from overriding membership and role providers.

Solution is to set a connection string in global.asax through reflection:

protected void Application_PreRequestHandlerExecute()
{
    try
    {
        SetProviderConnectionString(DllForConnectionStringManagement.GetConnectionString());
    }
    catch (Exception e)
    {
    // Log and throw
    }
}

SetProviderCOnnectionString is a private method which sets the connections of membership and role provider through reflection.