Re: ASP.NET + SQL Server + WebHost - Setup Questions

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hello Dean,

Thanks for the reply.

for your further questions:

If I have a copy of the database on the same server or the same network as
the web server at the web host, why couldn't I use Windows
login/authentication? Then use replication/subscriptions to keep the
databases in sync, probably via a transactional setup?
==============================================
Yes, of course you can use windows authentication if you have a local
sqlserver instance on the host provider's server machine(or local
environment). However, that windows authentication is peforming against the
host provider's local security database(windows accounts) rather than your
own intranet's user accounts.



I wonder if I could use a VPN connection from the web host to our servers
here, for the two databases to communicate with each other, for security?
==============================================

I don't think this is quite doable, two problems here:

** VPN require us to establish the VPN connection first, normally if a
server joins a VPN, it will lose its original network connections(at least
will be affected).

** I don't think webhost will make their server join another VPN




Would this web service access a locally stored copy of the database at the
web host, or would my ASP.NET application call to a web service running on
a
server in our building here and access our local SQL Server?

I don't know that much about web services yet, so I'm not sure if this
method would be a benefit or a drawback for our scenario. I have no idea
how much more coding this method would require, nor how flexible it would
be. For instance everytime we need a new report or to add a query, the
application will have to be modified and the database, so would I also have
to modify the web service with every change also?

I don't know about the securty of having an exposed web service where
someone might be able to access our databases?
================================================
Webservice is just a distribute programming interface. If you use
webservice, you need to put your original ADO.NET code into webservice's
webmethod. And your ASP.NET web application will call webservice webmethods
instead of directly call ADO.NET components. And for webservice, you can
utilize existing security features such as basic authentication +
https/ssl or implement custom authentication in code. Anyway, since you're
not very familar with it in this case, I think you can put it aside for
future plan.





And what happens if the web hosts only offer these Medium or Low levels?
Is
there a work-around or are the drawbacks not worthwhile?
======================================================
In .net framework, Code Access Security (CAS) is used to perform security
checking and restriction on the code that can be executed in a certain .net
framework application.

#Code Access Security in Practice
http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh08.asp?frame=tru
e


In ASP.NET, the "trust" level controls the code access permission the
ASP.NET applciation will have(what level of code it can execute). By
default (defined in machine.config) ASP.NET application is running under
"Full" trust level, however, in public web host provider, they only provide
"Medium" trust level, thus, some privileged .net code(such as unmanaged
interop code or file IO API) will not allowed to be execute.

Here is a good reference article about CAS with ASP.NET, you can refer to
it to get more ideas:

#How To: Use Code Access Security in ASP.NET 2.0
http://msdn.microsoft.com/library/en-us/dnpag2/html/paght000017.asp?frame=tr
ue


Also, even with "Medium" trust, there is some best practice article
describe how to make our ASP.NET application work in restricted host
environment:

#How To: Use Medium Trust in ASP.NET 2.0
http://msdn.microsoft.com/library/en-us/dnpag2/html/paght000020.asp?frame=tr
ue


Hope this also helps.



Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



This posting is provided "AS IS" with no warranties, and confers no rights.

.

Relevant Pages

  • Re: Database connection error (re-post)
    ... My web server does have ... The issue, it seems, is with the database ... I contacted my web host again to convey your last ... buy MySQL for about £145. ...
    (microsoft.public.frontpage.client)
  • Re: Connecting Access Database to Front Page
    ... > I have an Access database that I want to connect to Front ... I don't have access to a server, ... > about connecting to a web host. ...
    (microsoft.public.frontpage.client)
  • Connecting Access Database to Front Page
    ... I have an Access database that I want to connect to Front ... I don't have access to a server, ... about connecting to a web host. ...
    (microsoft.public.frontpage.client)
  • Create SharePoint Portal failed.
    ... One mentioned ensuring that SQL Server uses a case ... 13:55:40 Service database server is 'USDC-JOHRIV'. ... Update dbo.propertylist set DisplayName = N'Last name' ...
    (microsoft.public.sharepoint.portalserver)
  • Re: ADO Connection Timeout
    ... to the central server, but you are willing to live with periods where it ... i.e. a local database or even a text file. ... to function until the connection can be restored to the server. ...
    (microsoft.public.data.ado)