Securing Connection String in Windows Azure and web.config

I encrypt the connection string in web.config as described here:

http://blogs.msdn.com/b/sqlazure/archive/2010/09/07/10058942.aspx

published to Azure and everything is working as expected.

BUT now I am facing a problem for my local development where I work against a local database where I don't need encryption of the connection string.

My local development is configured as debug configuration and I tried to replace (transform) the encrypted connectionstrings section of web.config like:

<connectionStrings configProtectionProvider="CustomProvider">
<EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
 ...
</EncryptedData>

with the regular non-encrypted section to web.config.debug

<connectionStrings>
<add name="ApplicationServices" connectionString="data source=localhost...
</connectionStrings>

I had no problem adding the sections with xdt:Transform="Insert", but I did not manage to delete the sections from web.config.

It results in a Parser Error Message: Unrecognized element 'EncryptedData' when executing the web project in debug mode.

Is there any way to delete the EncryptedData section for web.config.debug, or a better practice to overcome this problem?


Just wondering... why do you want to secure the connection string? You can put the connection string in the .cscfg file, and that file is not exposed in any way through IIS.


Yes, you can put them in a .cscfg file and make a library to extract the connection string (just supply the DLL):

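using System.Data.Entity;      // DbContext
using Microsoft.WindowsAzure;  // CloudConfigurationManager (Microsoft.Azure in later SDK versions)

public class MyContext : DbContext
{
    // Private constructor: callers must go through GetMyContext().
    private MyContext(string connString)
        : base(connString)
    {
    }

    public static MyContext GetMyContext()
    {
        // Read the (encrypted) setting from the .cscfg service configuration.
        string dbConnString = CloudConfigurationManager.GetSetting("MyDbConnectionString");

        // decrypt is a helper that is not shown in this post.
        return new MyContext(decrypt(dbConnString));
    }
}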
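For the transform the question asks about, a Web.Debug.config that swaps out the whole encrypted section instead of deleting its children one by one (an added example, not code from the question or the answers). The database name and connection string values are constructed placeholders.

```xml
<?xml version="1.0"?>
<!-- Web.Debug.config: added example, values are constructed placeholders -->
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">

  <!--
    xdt:Transform="Replace" replaces the matching <connectionStrings> element
    from web.config with this one. The output element carries only the
    attributes written here, so configProtectionProvider="CustomProvider"
    and the <EncryptedData> child both disappear from the transformed file.
    Using "Insert" instead would leave the encrypted element in place and
    add a second section next to it.
  -->
  <connectionStrings xdt:Transform="Replace">
    <!-- Assumption: local SQL Server with Windows authentication;
         "ExampleDb" is a made-up catalog name. -->
    <add name="ApplicationServices"
         connectionString="Data Source=localhost;Initial Catalog=ExampleDb;Integrated Security=True"
         providerName="System.Data.SqlClient" />
  </connectionStrings>

</configuration>
```

Visual Studio applies these transforms when the project is published or packaged, not when it is run locally from the IDE. The same Replace therefore also works in the other direction: keep the plain local section in web.config and put the encrypted section in Web.Release.config.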