I have an MVC project with multiple database connections, these are stored in a seperate config file so the connectionStrings section of my web.config looks something like
<connectionStrings configSource="DatabaseConnections\dbconnect.config" />
I have added to the project a new Area which connects to a new database via username and password, I can do this simply by adding the database connection string to dbconnect.config.
However I do not want all developers working on this project to be able to access this username and password, so I would like to keep this new connection string in a file that they cannot access. So they can run the project in debug if they are accessing only database contexts using the less secure strings, but if they attempt to access the secure database context, they won't have permission to access the file and so the database connection will fail. Ideally I would have a new config file DatabaseConnections\Secure\dbconnect_secure.config, and I would lock down access to the folder DatabaseConnections\Secure in Windows for unauthorised developers. However it seems there can only be one connectionString section of the config, and I can't have a chain of config file references.
How to achieve my aim?