opensubscriber
   Find in this group all groups
 
Unknown more information…

d : dotnet-web@discuss.develop.com 22 June 2008 • 7:17AM -0400

Re: [DOTNET-WEB] .net sql server account database authentication question
by Chris Anderson

REPLY TO AUTHOR
 
REPLY TO GROUP



> Im creating an asp.net/sql server app; Id prefer to use a sql server
> account to maximize connection pooling, our security guy wants
> integrated security.  We've reached an agreement where I can use a
> single account as long as its a domain account, but Ive been unable to
> figure out how to do so (if its even possible). Im thinking I either
> need to use integrated security but force sql server to use a single
> account, or use a regular connection string, naming the domain account
> and password with Integrated Security=false.

You could either:
Set the account that ASP.NET uses (not great because it will affect all
ASP.NET applications), or use impersonation [1]

Now the problem is of course that you have to store the domain username
and password somewhere
(At least with a SQL Server user the account info would only allow
someone access to SQL Server and was so easier to lock down)

Chris

[1] http://msdn.microsoft.com/en-us/library/aa292118(VS.71).aspx

===================================
This list is hosted by DevelopMentorĀ®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Bookmark with:

Delicious   Digg   reddit   Facebook   StumbleUpon

opensubscriber is not affiliated with the authors of this message nor responsible for its content.