using Membership on production server (Copy Web Site tool) - Used to SQL Server 2000 enterprise edit

Discussion in 'ASP .Net' started by Louis R., Jan 8, 2009.

  1. Louis R.

    Louis R. Guest

    Hi!

    I read a lot about that and I still cannot figure it out. So. I'd like to
    use membership into an web application that will run on a production
    server(s). On my dev machine, using Web dev Xpress 2008 and SQL Server
    Xpress 2008, all is well. My Aspnetdb.mdf is running fine in my App_data
    directory.

    When I use the copy website utility to transfer all this on a "test"
    production server and try to login or anything, I'm getting the predictable
    "Failed to generate a user instance of SQL Server due to a failure in
    starting the process for the user instance."

    Now, my "test" prod server runs .NET 3.5, IIS 6, SQL server 2000 (Std
    Edition) and SQL server Xpress 2008. I could install SQL 2008 Standard if
    necessary but for now we were delaying this. I could do the same on real
    prod servers when ready.

    I have many questions :

    1) What do I need to have and to configure on my prod server (SQL Server
    2008 XPress or 2000 Standard or anything else) to use Membership with
    Aspnetdb.mdf in a App_data directory ?

    2) Is it possible to use many concurrent secure Web app on a production
    server, using separate membership structure based on separate Aspnetdb.mdf
    in
    each App_data directory of each app?

    3) Do I have to use SSL connection to keep secure "Username /Password" use
    during login ?

    4) Is it a good rule to use the App_data for other application databases
    (Inventory, parts catalog, orders and financial data, ...) and how to
    connect
    safely their use with the Role/membership structure ?

    4) Is it possible/suitable to have a "mixed model", using Windows
    Authentification to get in the app zone, login in (to identify more
    precisely
    the user) afterward ? And why is it or is not a good way to go ...

    Thanks anyway and have a good day !

    --
    "Who's on first ..."
    Louis R., Jan 8, 2009
    #1
    1. Advertising

  2. Try this as a start:
    http://gregorybeamer.spaces.live.com/blog/cns!B036196EAF9B34A8!630.entry

    --
    Gregory A. Beamer
    MVP: MCP: +I, SE, SD, DBA

    Blog:
    http://feeds.feedburner.com/GregoryBeamer

    ********************************************
    | Think Outside the Box! |
    ********************************************
    "Louis R." <> wrote in message
    news:%...
    > Hi!
    >
    > I read a lot about that and I still cannot figure it out. So. I'd like
    > to
    > use membership into an web application that will run on a production
    > server(s). On my dev machine, using Web dev Xpress 2008 and SQL Server
    > Xpress 2008, all is well. My Aspnetdb.mdf is running fine in my App_data
    > directory.
    >
    > When I use the copy website utility to transfer all this on a "test"
    > production server and try to login or anything, I'm getting the
    > predictable
    > "Failed to generate a user instance of SQL Server due to a failure in
    > starting the process for the user instance."
    >
    > Now, my "test" prod server runs .NET 3.5, IIS 6, SQL server 2000 (Std
    > Edition) and SQL server Xpress 2008. I could install SQL 2008 Standard if
    > necessary but for now we were delaying this. I could do the same on real
    > prod servers when ready.
    >
    > I have many questions :
    >
    > 1) What do I need to have and to configure on my prod server (SQL Server
    > 2008 XPress or 2000 Standard or anything else) to use Membership with
    > Aspnetdb.mdf in a App_data directory ?
    >
    > 2) Is it possible to use many concurrent secure Web app on a production
    > server, using separate membership structure based on separate Aspnetdb.mdf
    > in
    > each App_data directory of each app?
    >
    > 3) Do I have to use SSL connection to keep secure "Username /Password" use
    > during login ?
    >
    > 4) Is it a good rule to use the App_data for other application databases
    > (Inventory, parts catalog, orders and financial data, ...) and how to
    > connect
    > safely their use with the Role/membership structure ?
    >
    > 4) Is it possible/suitable to have a "mixed model", using Windows
    > Authentification to get in the app zone, login in (to identify more
    > precisely
    > the user) afterward ? And why is it or is not a good way to go ...
    >
    > Thanks anyway and have a good day !
    >
    > --
    > "Who's on first ..."
    >
    Gregory A. Beamer, Jan 8, 2009
    #2
    1. Advertising

  3. Louis R.

    Steven Cheng Guest

    Hi Louis,

    I think Gregory has provided a very good article that contains detailed
    illustration on how to publish ASP.NET site with SQL Database used.

    Here are some of my understanding and comments regarding on the questions
    you mentioned in the opening post:

    1) What do I need to have and to configure on my prod server (SQL Server
    2008 XPress or 2000 Standard or anything else) to use Membership with
    Aspnetdb.mdf in a App_data directory ?
    =======================================
    Generally mdf(SQL db) in App_Data is rely on SQL Express's "User
    Instance", therefore, you need to make sure SqlExpress is installed and
    "User Instance" is enabled on the production server.

    #SQL Server 2005 Express Edition User Instances
    http://msdn.microsoft.com/en-us/library/bb264564.aspx



    2) Is it possible to use many concurrent secure Web app on a production
    server, using separate membership structure based on separate Aspnetdb.mdf
    in
    each App_data directory of each app?
    ======================================
    ASP.NET provider tools to let you initlize a certain SQL Server database to
    become storage for ASP.NET sql based providers(such as membership, role,
    profile ...). Therefore, you can choose whatever database/server instances
    you want to use. You can let multiple ASP.NET application share the same
    database(through not quite good). And you can also let each application has
    their own SQL database.



    3) Do I have to use SSL connection to keep secure "Username /Password" use
    during login ?
    ==========================================
    Sure, over internet, it'll be good to have HTTS/SSL to ensure credentials
    transfer security since by default everything is passed as clear text on
    html page(If you 're using forms authentication).


    4) Is it a good rule to use the App_data for other application databases
    (Inventory, parts catalog, orders and financial data, ...) and how to
    connect
    safely their use with the Role/membership structure ?
    ================================================
    It's up to you. but I think maybe it's better to ask some DB guys this
    question since you'll need to consider something like backup, management
    when you store too many different data in a single database.



    5) Is it possible/suitable to have a "mixed model", using Windows
    Authentification to get in the app zone, login in (to identify more
    precisely
    the user) afterward ? And why is it or is not a good way to go ...
    =========================================
    According to sql server security, windows authentication is always
    prefered. You can configure your ASP.NET application to running under a
    process identity that has sufficient permission to access the db. SQL
    authenticaiton(with username/password in connection string) just send clear
    text(base64 encoded) info via network.



    If you have any further specific questions on this, welcome to post here.

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.

    Note: MSDN Managed Newsgroup support offering is for non-urgent issues
    where an initial response from the community or a Microsoft Support
    Engineer within 2 business day is acceptable. Please note that each follow
    up response may take approximately 2 business days as the support
    professional working with you may need further investigation to reach the
    most efficient resolution. The offering is not appropriate for situations
    that require urgent, real-time or phone-based interactions. Issues of this
    nature are best handled working with a dedicated Microsoft Support Engineer
    by contacting Microsoft Customer Support Services (CSS) at
    http://msdn.microsoft.com/en-us/subscriptions/aa948874.aspx
    ==================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.






    --------------------
    >From: "Louis R." <>
    >Subject: using Membership on production server (Copy Web Site tool) - Used

    to SQL Server 2000 enterprise edition
    >Date: Wed, 7 Jan 2009 23:06:21 -0500
    >Lines: 48
    >X-Priority: 3
    >X-MSMail-Priority: Normal
    >X-Newsreader: Microsoft Outlook Express 6.00.2900.5512
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
    >X-RFC2646: Format=Flowed; Original
    >Message-ID: <#>
    >Newsgroups: microsoft.public.dotnet.framework.aspnet
    >NNTP-Posting-Host: modemcable156.163-58-74.mc.videotron.ca 74.58.163.156
    >Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP06.phx.gbl
    >Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.dotnet.framework.aspnet:82402
    >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
    >
    >Hi!
    >
    >I read a lot about that and I still cannot figure it out. So. I'd like to
    >use membership into an web application that will run on a production
    >server(s). On my dev machine, using Web dev Xpress 2008 and SQL Server
    >Xpress 2008, all is well. My Aspnetdb.mdf is running fine in my App_data
    >directory.
    >
    >When I use the copy website utility to transfer all this on a "test"
    >production server and try to login or anything, I'm getting the predictable
    >"Failed to generate a user instance of SQL Server due to a failure in
    >starting the process for the user instance."
    >
    >Now, my "test" prod server runs .NET 3.5, IIS 6, SQL server 2000 (Std
    >Edition) and SQL server Xpress 2008. I could install SQL 2008 Standard if
    >necessary but for now we were delaying this. I could do the same on real
    >prod servers when ready.
    >
    >I have many questions :
    >
    >1) What do I need to have and to configure on my prod server (SQL Server
    >2008 XPress or 2000 Standard or anything else) to use Membership with
    >Aspnetdb.mdf in a App_data directory ?
    >
    >2) Is it possible to use many concurrent secure Web app on a production
    >server, using separate membership structure based on separate Aspnetdb.mdf
    >in
    >each App_data directory of each app?
    >
    >3) Do I have to use SSL connection to keep secure "Username /Password" use
    >during login ?
    >
    >4) Is it a good rule to use the App_data for other application databases
    >(Inventory, parts catalog, orders and financial data, ...) and how to
    >connect
    >safely their use with the Role/membership structure ?
    >
    >4) Is it possible/suitable to have a "mixed model", using Windows
    >Authentification to get in the app zone, login in (to identify more
    >precisely
    >the user) afterward ? And why is it or is not a good way to go ...
    >
    >Thanks anyway and have a good day !
    >
    >--
    >"Who's on first ..."
    >
    >
    >
    Steven Cheng, Jan 8, 2009
    #3
  4. Louis R.

    Louis R. Guest

    RE: using Membership on production server (Copy Web Site tool) - U

    Thank you very much for your answers.

    I would have other questions, or precisions to ask about these.

    1) I was aware of what "user instance" are and since I do want to have all
    my Internet User share the same data according to their privilege, I did not
    plan to use this technique. But, do you mean that the App_data directory in
    a web app can only be used with "User instance" connections ?

    2) For my Web app, I would like to use a aspnetdb.mdf to manage my security
    and access privilege (Membership) and some other SQL databases containing
    application data. Where should I put these databases and can I use them
    indifferently with SQL Server 2008 Express or Standard edition ?

    3) Do I understand correctly what you say about the login process : the only
    way to protect the username/password authentification process is to use SSL
    connection to login ? Could I use Windows authentification to protect this
    part of the login process and still use the benefit of the Membership
    technique?

    4) As for the SQL Server connections I use in my Web App, if I create an
    Active Directory User to access the SQL databases and use it in my aspnet
    connection, is it the safer way to proceed ? Is it the way it was intended
    for Web App ?

    Thanks again.
    --
    "Who''''''''s on first ..."
    Louis R., Jan 13, 2009
    #4
  5. Louis R.

    Louis R. Guest

    Re: using Membership on production server (Copy Web Site tool) - U

    Hi Greg !

    ....Peace and Grace to you also, specially in this beginning of 2009

    Thanks for your article. I read it, and appreciate the way you describe the
    process (screens, steps, ..).

    One thing. My Web app will run on an Internet server (computer) that
    belongs to us, on which we have SQL Servers and IIS6. So publishing a SQL
    database is something we are familiar with, even if we have surprise from
    time to time, but I was very glad to learn about this DB publishing wizard.

    Also, what I understand from your article is that after publishing, we have
    to go and modify the connections strings in the webconfig file. So it means
    that we cannot publish this file again from our dev machine if other things
    would have to change about the rest of the application as it would get the
    connections strings back to their local expression. Am I right about that ?

    Anyway, I would have to know if I have to keep the database files (Aspnetdb
    and others) in the App_data created with my Web Dev Xpress and if I have to
    "Attach" manually these dbs to the SQL Server instance I will use ?

    Can I use indifferently the Xpress version or the Standard version of SQL
    server ?

    Thanks again.
    --
    "Who''''''''s on first ..."


    "Gregory A. Beamer" wrote:

    > Try this as a start:
    > http://gregorybeamer.spaces.live.com/blog/cns!B036196EAF9B34A8!630.entry
    >
    > --
    > Gregory A. Beamer
    > MVP: MCP: +I, SE, SD, DBA
    >
    > Blog:
    > http://feeds.feedburner.com/GregoryBeamer
    >
    > ********************************************
    Louis R., Jan 13, 2009
    #5
  6. Louis R.

    Steven Cheng Guest

    RE: using Membership on production server (Copy Web Site tool) - U

    Hi Louis,

    Thanks for your reply.

    For the further specific questions, here are my comments in line:


    1) I was aware of what "user instance" are and since I do want to have all
    my Internet User share the same data according to their privilege, I did
    not
    plan to use this technique. But, do you mean that the App_data directory
    in
    a web app can only be used with "User instance" connections ?
    =====================================
    "User instance" can let you use sql server mdf database file without
    attaching it to a certain SQL Server instance. Sure, you can still put mdf
    database file in App_Data folder. In this case, you will have to attach the
    file to a sql server instance(such as SQL Express or other named or default
    instance) so as to use them.


    2) For my Web app, I would like to use a aspnetdb.mdf to manage my security
    and access privilege (Membership) and some other SQL databases containing
    application data. Where should I put these databases and can I use them
    indifferently with SQL Server 2008 Express or Standard edition ?
    =================================
    Generally a single mdf file contains a single database. Sure, you can store
    both membership and other business data into the same database. As I
    mentioned above, you need to attach the database file to an instance first.


    3) Do I understand correctly what you say about the login process : the
    only
    way to protect the username/password authentification process is to use SSL
    connection to login ? Could I use Windows authentification to protect this
    part of the login process and still use the benefit of the Membership
    technique?
    =========================
    By using windows authentication, you do not need to put username/password
    in connectionstring. And to use windows authentication to connect SQL
    Server in your case, you need to make sure your ASP.NET application's
    running account(process account) has sufficient permission to access the
    database. Here is an article introducing IIS/ASP.NET process identity:

    #Process and Thread Identity in ASP.NET ┬ĘC A Practical Approach
    http://blogs.iis.net/sakyad/archive/2008/11/19/process-and-thread-identity-i
    n-asp-net-a-practical-approach.aspx

    In short, you need to let your ASP.NET running under a fixed account, this
    account has sufficient permission to access the sql server. Then, you can
    just configure your SQL server connectcion to use windows
    authentication(instead of putting username/password in connection string).



    4) As for the SQL Server connections I use in my Web App, if I create an
    Active Directory User to access the SQL databases and use it in my aspnet
    connection, is it the safer way to proceed ? Is it the way it was intended
    for Web App ?
    ============================
    Just like I mentioned in #3, you can configure your ASP.NET application to
    run under a specific account as long as that account has sufficient
    permission to access any protected resource. Also, try not to grant to
    much permission & privilege to that account so as to reduce security risk.

    The article below is a good one which introducing all the common data
    accessing (security specific) pattern in ASP.NET, including SQL Server
    authentication(put username/pass in connection string) and windows
    authentication(this is called "Trusted subsystem" pattern in this article):

    #How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0
    http://msdn.microsoft.com/en-us/library/ms998292.aspx

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .


    --------------------
    >From: =?Utf-8?B?TG91aXMgUi4=?= <>
    >References: <#>

    <CFaD#>
    >Subject: RE: using Membership on production server (Copy Web Site tool) - U
    >Date: Tue, 13 Jan 2009 14:56:19 -0800


    >
    >Thank you very much for your answers.
    >
    >I would have other questions, or precisions to ask about these.
    >
    >1) I was aware of what "user instance" are and since I do want to have all
    >my Internet User share the same data according to their privilege, I did

    not
    >plan to use this technique. But, do you mean that the App_data directory

    in
    >a web app can only be used with "User instance" connections ?
    >
    >2) For my Web app, I would like to use a aspnetdb.mdf to manage my

    security
    >and access privilege (Membership) and some other SQL databases containing
    >application data. Where should I put these databases and can I use them
    >indifferently with SQL Server 2008 Express or Standard edition ?
    >
    >3) Do I understand correctly what you say about the login process : the

    only
    >way to protect the username/password authentification process is to use

    SSL
    >connection to login ? Could I use Windows authentification to protect

    this
    >part of the login process and still use the benefit of the Membership
    >technique?
    >
    >4) As for the SQL Server connections I use in my Web App, if I create an
    >Active Directory User to access the SQL databases and use it in my aspnet
    >connection, is it the safer way to proceed ? Is it the way it was

    intended
    >for Web App ?
    >
    >Thanks again.
    >--
    >"Who''''''''s on first ..."
    >
    >
    >
    >
    Steven Cheng, Jan 14, 2009
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Z2F1cmF2?=

    Uploading Data From MS Acess 2000 ti SQL server 2000

    =?Utf-8?B?Z2F1cmF2?=, Jan 9, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    788
    Mary Chipman [MSFT]
    Jan 9, 2006
  2. C Did
    Replies:
    3
    Views:
    3,925
    Chris Lithgow
    Jun 20, 2006
  3. Louis R.
    Replies:
    3
    Views:
    1,117
    Louis R.
    Dec 9, 2008
  4. jj
    Replies:
    2
    Views:
    299
    sloan
    Dec 22, 2008
  5. Denis

    Access 2000 or SQL Server 2000

    Denis, Jan 25, 2004, in forum: ASP General
    Replies:
    1
    Views:
    181
    Nicole Calinoiu
    Jan 25, 2004
Loading...

Share This Page