web app - IIS and SQL on different machines

Discussion in 'ASP .Net' started by Dan Walls, Jan 22, 2004.

  1. Dan Walls

    Dan Walls Guest

    Hi,

    I am deploying an ASP.Net web app into the following scenario:

    Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
    server]

    However I am not sure what sort of authentication options are available to
    me in gettingthe application to talk to the SQL server.

    How do I talk between the web app and the database server - if TCP/IP then
    what mode of authentication do I use? What would a typical connection string
    look like?

    Are there any references where I can study up on this ? I couldn't find
    anything even though I spent half the day looking - mind you it helps to
    know what you're looking for.

    Thanks very much if you can help me,
    Dan.
    Dan Walls, Jan 22, 2004
    #1
    1. Advertising

  2. You will probably need to use SQL Server authentication. Check out www.connectionstrings.com for examples of connection strings that you can use.

    --
    Keith


    "Dan Walls" <> wrote in message news:yJKPb.23117$...
    > Hi,
    >
    > I am deploying an ASP.Net web app into the following scenario:
    >
    > Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
    > server]
    >
    > However I am not sure what sort of authentication options are available to
    > me in gettingthe application to talk to the SQL server.
    >
    > How do I talk between the web app and the database server - if TCP/IP then
    > what mode of authentication do I use? What would a typical connection string
    > look like?
    >
    > Are there any references where I can study up on this ? I couldn't find
    > anything even though I spent half the day looking - mind you it helps to
    > know what you're looking for.
    >
    > Thanks very much if you can help me,
    > Dan.
    >
    >
    Keith Kratochvil, Jan 22, 2004
    #2
    1. Advertising

  3. A SQLServer is much like a web server, other than the TCP/IP port it listens
    to for requests. The Connection is defined via the Connection String, which
    contains a number of parameter values that indicate how the database should
    be connected to. It includes such things as the IP address/domain
    name/machine name of the SQL Server machine (which one depends upon your
    network configuration, which was a bit sketchy), the User Name and Password
    you want to connect using, the database to use, and other optional elements.
    A good reference for Connection Strings is
    http://www.connectionstrings.com/.

    You can use Either SQL Server authentication or Windows Authentication.
    Which one you use depends upon how the SQL Server is configured. You should
    ask your DBA about that.

    --
    HTH,
    Kevin Spencer
    ..Net Developer
    Microsoft MVP
    Big things are made up
    of lots of little things.

    "Dan Walls" <> wrote in message
    news:yJKPb.23117$...
    > Hi,
    >
    > I am deploying an ASP.Net web app into the following scenario:
    >
    > Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
    > server]
    >
    > However I am not sure what sort of authentication options are available to
    > me in gettingthe application to talk to the SQL server.
    >
    > How do I talk between the web app and the database server - if TCP/IP then
    > what mode of authentication do I use? What would a typical connection

    string
    > look like?
    >
    > Are there any references where I can study up on this ? I couldn't find
    > anything even though I spent half the day looking - mind you it helps to
    > know what you're looking for.
    >
    > Thanks very much if you can help me,
    > Dan.
    >
    >
    Kevin Spencer, Jan 22, 2004
    #3
  4. Dan Walls

    Dan Walls Guest

    Thanks Kevin,

    unfortunately I am also the DBA :). I have the freedom to install and
    configure the network as I see fit, so I will configure the network in the
    way the provides the best possible security. That is why I am looking at
    adding another layer and putting the SQL server on a different machine to
    IIS.

    It's my understanding that if I communicate via TCP/IP between IIS server
    and SQL Server machines then I can only use SQL authentication and NOT
    Windows authentication. This is because Windows authentication relies on the
    user being recognised by the OS and a tcp 1433 connection would go straight
    to the SQL server.

    Now - is it possible to use windows networking between the two machines -
    and that way I could log in using the IIS_MACHINE/ASPNET user account. This
    user account would have to be present on the SQL machine would it not? Would
    this work if I gave it the same usernam and password - are there any
    inherent security risks with this approach?

    Thanks for the connectionstrings.com. That's a good reference. Straight to
    the favourites.

    Dan.

    "Kevin Spencer" <> wrote in message
    news:...
    > A SQLServer is much like a web server, other than the TCP/IP port it

    listens
    > to for requests. The Connection is defined via the Connection String,

    which
    > contains a number of parameter values that indicate how the database

    should
    > be connected to. It includes such things as the IP address/domain
    > name/machine name of the SQL Server machine (which one depends upon your
    > network configuration, which was a bit sketchy), the User Name and

    Password
    > you want to connect using, the database to use, and other optional

    elements.
    > A good reference for Connection Strings is
    > http://www.connectionstrings.com/.
    >
    > You can use Either SQL Server authentication or Windows Authentication.
    > Which one you use depends upon how the SQL Server is configured. You

    should
    > ask your DBA about that.
    >
    > --
    > HTH,
    > Kevin Spencer
    > .Net Developer
    > Microsoft MVP
    > Big things are made up
    > of lots of little things.
    >
    > "Dan Walls" <> wrote in message
    > news:yJKPb.23117$...
    > > Hi,
    > >
    > > I am deploying an ASP.Net web app into the following scenario:
    > >
    > > Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
    > > server]
    > >
    > > However I am not sure what sort of authentication options are available

    to
    > > me in gettingthe application to talk to the SQL server.
    > >
    > > How do I talk between the web app and the database server - if TCP/IP

    then
    > > what mode of authentication do I use? What would a typical connection

    > string
    > > look like?
    > >
    > > Are there any references where I can study up on this ? I couldn't find
    > > anything even though I spent half the day looking - mind you it helps to
    > > know what you're looking for.
    > >
    > > Thanks very much if you can help me,
    > > Dan.
    > >
    > >

    >
    >
    Dan Walls, Jan 23, 2004
    #4
  5. > Now - is it possible to use windows networking between the two machines -
    > and that way I could log in using the IIS_MACHINE/ASPNET user account.

    This
    > user account would have to be present on the SQL machine would it not?

    Would
    > this work if I gave it the same usernam and password - are there any
    > inherent security risks with this approach?


    Actually, you can use Windows Authentication as long as the 2 machines are
    on the same Domain, using Active Directory accounts. In any case, as long as
    the 2 machines are on the same LAN, and behind the same Firewall (configured
    correctly), you shouldn't have any security problems using either method. If
    you find it easier to work with SQL Server authentication, by all means, use
    that.

    --
    HTH,
    Kevin Spencer
    ..Net Developer
    Microsoft MVP
    Big things are made up
    of lots of little things.

    "Dan Walls" <> wrote in message
    news:zyZPb.24040$...
    > Thanks Kevin,
    >
    > unfortunately I am also the DBA :). I have the freedom to install and
    > configure the network as I see fit, so I will configure the network in the
    > way the provides the best possible security. That is why I am looking at
    > adding another layer and putting the SQL server on a different machine to
    > IIS.
    >
    > It's my understanding that if I communicate via TCP/IP between IIS server
    > and SQL Server machines then I can only use SQL authentication and NOT
    > Windows authentication. This is because Windows authentication relies on

    the
    > user being recognised by the OS and a tcp 1433 connection would go

    straight
    > to the SQL server.
    >
    > Now - is it possible to use windows networking between the two machines -
    > and that way I could log in using the IIS_MACHINE/ASPNET user account.

    This
    > user account would have to be present on the SQL machine would it not?

    Would
    > this work if I gave it the same usernam and password - are there any
    > inherent security risks with this approach?
    >
    > Thanks for the connectionstrings.com. That's a good reference. Straight to
    > the favourites.
    >
    > Dan.
    >
    > "Kevin Spencer" <> wrote in message
    > news:...
    > > A SQLServer is much like a web server, other than the TCP/IP port it

    > listens
    > > to for requests. The Connection is defined via the Connection String,

    > which
    > > contains a number of parameter values that indicate how the database

    > should
    > > be connected to. It includes such things as the IP address/domain
    > > name/machine name of the SQL Server machine (which one depends upon your
    > > network configuration, which was a bit sketchy), the User Name and

    > Password
    > > you want to connect using, the database to use, and other optional

    > elements.
    > > A good reference for Connection Strings is
    > > http://www.connectionstrings.com/.
    > >
    > > You can use Either SQL Server authentication or Windows Authentication.
    > > Which one you use depends upon how the SQL Server is configured. You

    > should
    > > ask your DBA about that.
    > >
    > > --
    > > HTH,
    > > Kevin Spencer
    > > .Net Developer
    > > Microsoft MVP
    > > Big things are made up
    > > of lots of little things.
    > >
    > > "Dan Walls" <> wrote in message
    > > news:yJKPb.23117$...
    > > > Hi,
    > > >
    > > > I am deploying an ASP.Net web app into the following scenario:
    > > >
    > > > Internet --> Firewall --> WebServer (IIS) --> [firewall?] -->

    [database
    > > > server]
    > > >
    > > > However I am not sure what sort of authentication options are

    available
    > to
    > > > me in gettingthe application to talk to the SQL server.
    > > >
    > > > How do I talk between the web app and the database server - if TCP/IP

    > then
    > > > what mode of authentication do I use? What would a typical connection

    > > string
    > > > look like?
    > > >
    > > > Are there any references where I can study up on this ? I couldn't

    find
    > > > anything even though I spent half the day looking - mind you it helps

    to
    > > > know what you're looking for.
    > > >
    > > > Thanks very much if you can help me,
    > > > Dan.
    > > >
    > > >

    > >
    > >

    >
    >
    Kevin Spencer, Jan 23, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ravikanth[MVP]
    Replies:
    3
    Views:
    562
    Scott Allen
    Aug 2, 2003
  2. Johnny Ruin
    Replies:
    5
    Views:
    494
  3. Replies:
    1
    Views:
    347
    Juan T. Llibre
    Jul 20, 2006
  4. stephen
    Replies:
    0
    Views:
    351
    stephen
    Jul 31, 2006
  5. Christopher Brewster
    Replies:
    5
    Views:
    335
    John Machin
    Nov 14, 2008
Loading...

Share This Page