RE: Getting Challenged when using SQL connection on .aspx page
- From: Ray <Ray@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 20 Apr 2007 19:12:01 -0700
Sorry to be asking stuff i can test for myself, but i will not have access to
the network until monday and want to be ready.
What would happen if i removed integrated security=sspi from the connection
string and also removed identity impersonate="true" then changed the settings
on the IIS to use integrated security and deselect basic basic authentication?
"Peter Bromberg [C# MVP]" wrote:
Yes it will, and it's more efficient since the connection string is the same.
with all users, which means you'll be efficiently using the ADO.NET
connection pool.
If you want to restrict users from "doing certain stuff", consider
controlling that through Forms Authentication on your web app with Membership
and Roles providers.
Peter
--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net
"Ray" wrote:
Wont that allow anyone who hits the webpage to access the data? I only want
people in those groups that are allowed access to the tables to be able to
see the tables. Just want the login token to be passed, without having to
reenter the login required by the webpage after we have already logged into
the network.
"Peter Bromberg [C# MVP]" wrote:
Ray,
A SQL Server login connection string:
"server=yourserver;database=yourdatabase;uid=yourlogin;pwd=yourpassword;"
No SSPI, no "trusted connection". Keep it simple.
Peter
--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net
"Ray" wrote:
Mixed Mode is enabled. As you can see in the code i posted, i have used
integrated security=sspi. Do i need to add Trusted_Connection=true? What I
have read says that they are the same.
"Peter Bromberg [C# MVP]" wrote:
switch to using a SQL Server login, and ensure that SQL Server MIXED MODE
authentication is enabled.
Peter
--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net
"Ray" wrote:
Have SQL server on one machine. Have IIS on another machine in same large
intranet. Have website in IIS with Basic Authentication turned on and other
options deselected. Have webpage (.aspx) with following connection in the
web.config file
<add name="NorthwindConnectionString1" connectionString="Data
Source=VHAV16PLAN1;Initial Catalog=Northwind;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
Have following added to systemweb element
<identity impersonate="true"/>
I have account to the database on the SQL server. Am logged on to machine on
the same intranet using that account login.
When I try to open the webpage in IE7. I am getting a request for me to
enter my user name and password. After entering it, I am able to see the data
from the SQL connection in the datagrid on the webpage.
I would like the webpage to pass my login credentials directly to the SQL
Server without having to enter it manually. How do I accomplish this???
I want others who have the same access permissions to SQL data to be able to
be recognized automatically also??
Basically, I want the webpage to pass the login token to the SQL
automatically.
Help
- References:
- RE: Getting Challenged when using SQL connection on .aspx page
- From: Peter Bromberg [C# MVP]
- RE: Getting Challenged when using SQL connection on .aspx page
- From: Ray
- RE: Getting Challenged when using SQL connection on .aspx page
- From: Peter Bromberg [C# MVP]
- RE: Getting Challenged when using SQL connection on .aspx page
- Prev by Date: Re: Losing Session on Postback
- Next by Date: 404 not found
- Previous by thread: RE: Getting Challenged when using SQL connection on .aspx page
- Next by thread: RE: Getting Challenged when using SQL connection on .aspx page
- Index(es):
Relevant Pages
|
