Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (21.7 KB, 2 trang )
[ Team LiB ]
Recipe 1.8 Connecting to SQL Server Using Integrated Security from ASP.NET
Problem
You want to coordinate Windows security accounts between an ASP.NET application
and SQL Server.
Solution
Connect to SQL Server from ASP.NET using Windows Authentication in SQL Server.
Discussion
Connecting to a SQL Server database provides two different authentication modes:
Windows Authentication
Uses the current security identity from the Windows NT or Windows 2000 user
account to provide authentication information. It does not expose the user ID and
password and is the recommended method for authenticating a connection.
SQL Server Authentication
Uses a SQL Server login account providing a user ID and password.
Integrated security requires that the SQL Server is running on the same computer as IIS
and that all application users are on the same domain so that their credentials are
available to IIS. The following areas of the application need to be configured:
•
Configure the ASP.NET application so that Integrated Windows Authentication is
enabled and Anonymous Access is disabled.
•
The web.config file establishes the authentication mode that the application uses
and that the application will run as or impersonate the user. Add the following
elements to the web.config file:
•
<authentication mode="Windows" />
<identity impersonate="true" />