How to: Troubleshoot error message “This control does not allow connection strings with the following keywords: ‘Integrated Security’, ‘Trusted_Connection’.”

One of the things that you will be tempted to attempt quite early in your SharePoint 2010 journey, is to create a control that pulls data off of a database. In fact, SharePoint Designer does a great job in offering you this ability in just a few clicks. However, you will find that deploying to your SharePoint installation will probably result in an error related to your security settings.

Sharepoint will diplay a box with the following message: This control does not allow connection strings with the following keywords: ‘Integrated Security’, ‘Trusted_Connection’.

In order to deal with this kind of error, a developer has a number of options. In my opinion, the best practice in this case will be to programmatically allow the control to use Integrated Security in this instance. The other option is to alter the security settings through the web.config of your installation to globally allow Integrated Security.

1. In the first case, you will need to revisit your control (say, an asp:SqlDataSource) in SharePoint Designer, locate the control in Code view and add this little bit therein: AllowIntegratedSecurity=”True”


<asp:SqlDataSource AllowIntegratedSecurity=”True” runat=”server” ID=”someName” ConnectionString=”Data Source=someDataSource;Initial Catalog=someDBTable;Integrated Security=True” SelectCommand=”someSelectCommand” ProviderName=”System.Data.SqlClient”>

Although SharePoint Designer 2010 will already have added the “Integrated Security=True” in the ConnectionString bit, it will not have added the AllowIntegratedSecurity=True by default. This is normal behaviour. Just add it yourself and next time you’ll visit your webpage, you will not get the error message.

2. As I already said, you could, if you’d so desire, add the global settings of your installation to allow Integrated Security. This is something I have not tried myself but Corey Roth of the Dot Net Mafia ( ) suggests that this is the way to do it. Visit the link above to retrieve the original article. The proposed solution is the following:

i. Add this in web.config: <remove tagType=”System.Web.UI.WebControls.SqlDataSource, System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a” />
ii. and then register the SqlDataSource as a safe control: <SafeControl Assembly=”System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a” Namespace=”System.Web.UI.WebControls” TypeName=”SqlDataSource” Safe=”True” AllowRemoteDesigner=”False” />

As I said, I have not tried this. The first option works just fine for my needs. But it’s always good to know the available options.

MGR: the Intelogist

About MGR: the Intelogist

SharePoint Server developer, turned Sitefinity developer, turned Angular developer, turned SharePoint Online consultant, turned Unily consultant, turned O365 consultant... Never a dull moment!

4 thoughts on “How to: Troubleshoot error message “This control does not allow connection strings with the following keywords: ‘Integrated Security’, ‘Trusted_Connection’.”

  1. I personally wanted to show this specific blog post, “|
    .Randomizzzer | How to: Troubleshoot error message

  2. Jim

    possbily even better in the web.config:

  3. If I go the global route, in what section of the web.config would I add the <remove tag Type?

    • MGR

      Hi there FatCrab, thanks for your message. If you open up your web.config, you will find the section. There’s an in there. One that defines the one that you want to delete. However, you cannot just delete the line and expect it to work. You will have to remove the mapping as described above. In my web.config, the original section was as follows:

      tagMapping in web.config

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

This site uses Akismet to reduce spam. Learn how your comment data is processed.