Newbie: Security Questions

M

MattC

Hi,

I posted in dotnet.security and was directed here.

I am to develop am ASP.NET appplication that will access many different
databases on different servers

I have also been given a requirement that the person logged on to the
computer may not be the user accessing the application.
All the users will be stored in Windows Accounts on Active Directory.

So I came to the initial conclusion after some ferreting around that I
should use Forms based authentication for access to the site. And any
database connections I make should use specific SQL users that have been set
up on the servers.

Is this feasible? Is there a more common way of solving this problem?


MattC
 
D

David Coe, MCP

First, you can still use Windows based authentication with your scenario. It will just happen that when the person logged onto the machine tries to access the application, and ASP.NET sees that they do not have the permission (after negotiating with the file system), the person will be prompted to enter the correct user name and password information

To answer your question, it just seems like you want to have a single user in SQL Server that is used to access the data. In SQL Server you would set up the user, then in the connection string you would no longer use Integrated Security; rather, it would be something like "Data Source=myserver; user id=myuser; pwd=password;"
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,901
Latest member
Noble71S45

Latest Threads

Top