Re: security: sql or win connections ?
From: Aaron Bertrand [MVP] (aaron_at_TRASHaspfaq.com)
Date: 04/01/04
- Next message: Mike Hill: "SQL Query problem..."
- Previous message: Chris Hohmann: "Re: ASP totals and sub-totals from an Access or SQL DB"
- In reply to: Hernán Castelo: "security: sql or win connections ?"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 1 Apr 2004 16:08:18 -0500
You can use windows authentication if your web app only requires one user,
and the application / site is set to use anonymous access but has a domain
user set as the anonymous user (who is also allowed in SQL Server).
Or, if you have all 4 users set up as Windows users, and you disable
anonymous access, and force the users to authenticate as one of the four
users.
In either case, you only need one connection string. See
http://www.aspfaq.com/2126
-- Aaron Bertrand SQL Server MVP http://www.aspfaq.com/ "Hernán Castelo" <hhh@hotmail.com> wrote in message news:u1mf7mCGEHA.3180@TK2MSFTNGP12.phx.gbl... > hi > i have 4 accounts in sql : userType1...., 4 > and .Asp pages that connect to sql2K using one of them > > each account can only execute its stored procedures > each account have its own password > then i have the connection strings in an #include file > > I readed that existence of a plain text connection string is a weak, > that is better to use windows authentication to connect > in this situation : > how can i distinguish the user type that is connecting ??? > do i have to make the connection specifying > a user type or something like this..... ?? > how should i connect? > have anyone a sample ? > > thanks > -- > atte, > Hernán Castelo > UTN Buenos Aires > . . . . . . . . . . . . . . . . . . . . . . . . . > . > >
- Next message: Mike Hill: "SQL Query problem..."
- Previous message: Chris Hohmann: "Re: ASP totals and sub-totals from an Access or SQL DB"
- In reply to: Hernán Castelo: "security: sql or win connections ?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
