Mixed mode in SQL server..

P

Paul M

Hi folks,

Just starting down the ASP.NET route after many years of VB/VBA. Been
looking at the security stuff and it seems that Forms authentication seems
to be the most popular route taken and seemingly one of the safer routes.

The only thing I'm not too happy with is exposing my good old SQL 2K server
to mixed mode authentication (after a few hack free years of trusted
connections). Am I right in saying there is no way of being able to
authenticate users AND map to database roles, except using mixed mode in SQL
server?

Cheers...P
 
M

Mary Chipman

Did you use Windows authentication before and it worked? If so, then
it should still work now. You can map Windows users and groups to SQLS
database roles. If you're talking about an ASP.NET app, it all depends
on whether or not you use impersonation (not is preferred). If you use
a single login from ASP.NET, you can certainly use a Windows account
for connection but you'd need to roll your own roles at the method
level to implement role-based security since everyone will be
connecting through that single login. .NET does support mix-and-match
in this scenario with WindowsPrincipal and GenericPrincipal objects.

-- Mary
MCW Technologies
http://www.mcwtech.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,901
Latest member
Noble71S45

Latest Threads

Top