Environment-Specific Variables¶
The following must be reviewed and updated for every environment (Development, Test, Production). All items are in web.config or touch-settings.json unless otherwise noted.
1. Database Connection¶
File: web.config → <connectionStrings>
| Parameter | Current (Dev/Production) | Update To |
|---|---|---|
Data Source |
mart.zadns.co.za |
Target server name or IP |
Initial Catalog |
conprosoft_bmhcrp |
Target database name |
User ID |
conprosoft_dbadmin |
Database login for the environment |
Password |
(configured) | Password for the database login |
The connection string name must remain MyCompany — it is referenced throughout the framework and cannot be changed without regenerating all framework files.
2. SMTP / Email¶
File: web.config → <system.net><mailSettings>
| Parameter | Current Value | Update To |
|---|---|---|
host |
smtp.bulkmail-za.com |
Client SMTP host |
port |
25 |
Client SMTP port (25, 465, or 587) |
userName |
conpro_bulkmail@smtp.bulkmail-za.com |
Client SMTP username |
password |
(configured) | Client SMTP password |
from |
no-reply@conprosoft.co.za |
Client sending address |
3. Application Name¶
File: touch-settings.json → appName
| Environment | Value |
|---|---|
| Development | "ConproSoft (Development)" |
| Production | "ConproSoft" (remove the suffix) |
4. Compilation Mode¶
File: web.config → <compilation debug="...">
| Environment | Value |
|---|---|
| Development | true |
| Production | false |
5. BLOB Adapter Keys¶
File: web.config → <appSettings>
All *BlobAdapter keys are currently empty strings, meaning attachments are stored in SQL Server. If moving to Azure Blob Storage or a filesystem path, update the relevant keys. See the Configuration Files Overview for the full key list.
BlobStorageKey — set this to the Azure Storage account connection string if Azure Blob is used.
6. Security Settings to Disable in Production¶
File: App_Code/custom/Rules/ApplicationServices.Override.cs
- Remove the master password block (
if (password == "Administrator123%")). - Remove or restrict the localhost bypass block.
File: touch-settings.json
- Rotate or remove the REST API static key under
server.rest.authorization.keys.
7. SSL / HTTPS¶
Not configured in web.config by default. On the production IIS server:
- Install a valid SSL certificate for the application domain.
- Add an HTTPS binding in IIS (port 443).
- Optionally add an HTTP-to-HTTPS redirect rule.
- Update any absolute URLs in controller XML or business rules if they reference
http://.
8. Hardcoded Email Recipients in Controller XML¶
The following addresses are embedded in controller XML files and must be manually updated if the client's finance or admin contacts change:
| Address | File |
|---|---|
finance@bmhafrica.co.za |
PurchaseOrders.xml, Requisition.xml, Payments.xml |
admin@conprosoft.co.za |
TimeSheetHeader.xml |
admin@bmh-crp.co.za |
TimeSheet.xml |
The following items must be reviewed and configured for each environment (Development, Test, Production):
Database Connection¶
- Connection String Name:
MyCompany - Location:
web.config→<connectionStrings> - Parameters to Update:
Data Source(server name / instance)Initial Catalog(database name)User IDandPassword(or integrated security configuration)
SMTP / Email¶
- Location:
web.config→<system.net><mailSettings> - Parameters to Update:
- SMTP host
- Port
- Username and password
- From address
File Paths & BLOB Adapters¶
- Location:
web.config→<appSettings> - Keys: various
*BlobAdapterkeys such as:GoodsReceiptAttachmentBlobAdapterPaymentsAttachmentBlobAdapterPersonResourceProfilePictureBlobAdapter- etc.
Ensure:
- Paths or storage settings are valid on the target environment.
- Appropriate filesystem permissions are granted if file-system BLOB storage is used.
Security & Authentication¶
- Ensure membership and role provider configuration matches the chosen authentication model.
- If integrating with external identity systems or OAuth2, update
oauth2-schema.yamland related configuration.
URLs & SSL¶
- Update any hardcoded URLs, base paths, or callback addresses in configuration or code as necessary.
- Confirm that HTTPS is enforced in Production once SSL is in place.
Record any additional environment-specific variables here as they are introduced.