Re: Anonymous connection to a remote server
- From: v-schang@xxxxxxxxxxxxxxxxxxxx (Steven Cheng[MSFT])
- Date: Tue, 19 Apr 2005 07:44:10 GMT
Glad to hear from you Roy,
I think it's OK since ASP will impersonate the authenticated user by
default( if allow anonymous then impersonate the anonymous user). And
using Integrated windows authentication at back end db is also what we
recommend.
BTW, is there any future action plan that you'll migrate your web
application from classic ASP to ASP.NET. The asp.net web app framework will
have more strong support for stable and high performance web application.
Also, as for security, the asp.net can let the asp.net running under the
process idenity (the application pool identity in IIS6) together with allow
anonymous in IIS. Thus, we can still keep the IIS's anonymous account as a
very restricted account.
Thanks,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
.
- References:
- Anonymous connection to a remote server
- From: Roy Chastain
- RE: Anonymous connection to a remote server
- From: Steven Cheng[MSFT]
- Re: Anonymous connection to a remote server
- From: Roy Chastain
- Anonymous connection to a remote server
- Prev by Date: Help!! [Microsoft][ODBC SQL Server Driver]Timeout expired
- Next by Date: Re: How to determine connection pool from SQL Server?
- Previous by thread: Re: Anonymous connection to a remote server
- Next by thread: Get the windows user from SQL
- Index(es):
Relevant Pages
|
