473,544 Members | 1,420 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Setting up integrated security to SQL Server

Hi,

I've read quite a few places where it recommends you use
integrated security in your connection string to SQL
Server

I tried this in test page to connect to the Northwind
database by setting my connection string to:

"data source=<mymachi nename>;initial
catalog=Northwi nd;integrated security=SSPI;"

It worked as long as I added ASPNET, the account used for
running ASP.NET Worker processes, as a SQL Server Login
with access to Northwind.

My question is shouldn't each web application on the
server have it's own ASPNET-type account so it only has
accesses the databases it needs?

For example, can I setup the following?

ASPNET_Northwin d (This account can only access the
Northwind site and the Northwind database)

ASPNET_Pubs ((This account can only access the Pubs site
and the Pubs database)

Otherwise if all sites use the same ASPNET account, they
can make queries to other databases.

how do I do this?

Thanks, Dave.

Nov 17 '05 #1
1 4728
Dave,

In IIS you can tell a web site to run using a network username and password.

In Interenet Information Services, right click the web site and open the
properties window for it.

Go to the Directory Security Tab and then click the Edit button in the
Anonymous access and authentication area.

In the Anonymous Access area make sure that Anonymous access is checked.

Please not the text in this area: "Account used for anonymous access:" Click
the Browse button and select the account you would like this web site to run
as.

(You should uncheck the Allow IIS to control password checkbox and provide
the password for the account.)

Now give this account access to the correct SQL database.

Sincerely,
--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"Dave" <Da*********@ho tmail.com> wrote in message
news:07******** *************** *****@phx.gbl.. .
Hi,

I've read quite a few places where it recommends you use
integrated security in your connection string to SQL
Server

I tried this in test page to connect to the Northwind
database by setting my connection string to:

"data source=<mymachi nename>;initial
catalog=Northwi nd;integrated security=SSPI;"

It worked as long as I added ASPNET, the account used for
running ASP.NET Worker processes, as a SQL Server Login
with access to Northwind.

My question is shouldn't each web application on the
server have it's own ASPNET-type account so it only has
accesses the databases it needs?

For example, can I setup the following?

ASPNET_Northwin d (This account can only access the
Northwind site and the Northwind database)

ASPNET_Pubs ((This account can only access the Pubs site
and the Pubs database)

Otherwise if all sites use the same ASPNET account, they
can make queries to other databases.

how do I do this?

Thanks, Dave.

Nov 17 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1499
Integrated security problem
by: Guy Incognito | last post by:
Hello, I'm having a problem adding integrated security to an asp.net web application. IIS runs on server A and SQL server runs on server B. The folder containing the web application is set to run in a particular NT user's identity, let's call that identity "web_user". The problem is that when it opens a connection to SQL server using...
Microsoft SQL Server
3
8176
Help with java connection to MS SQL 2000 with windows integrated security
by: ebrahimbandookwala | last post by:
Hi , I am trying to connect to MS Sql server 2000 from Java (1.4.2 / 1.5 ). I installed my Sql Server(8.00.382) from the one supplied with VS.NET 2001. When I installed it on my laptop it did not ask me for a user name and password. After install when I re-started my machine I see the server started up with a green light. Now when I connect...
Microsoft SQL Server
1
27815
Integrated Security
by: Srinivasa Reddy K Ganji | last post by:
Hi I have come across this type of code at many places. New SqlConnection("Data Source=(local);Initial Catalog=XYZ;Integrated Security=SSPI;") I assume that the database connection details are hidden here. What is "Integrated Security=SSPI"? Can anyone guide me how to set this up using c#. Also is it possible to set up this type of...
ASP.NET
1
1747
integrated security=true
by: chris | last post by:
hi i want to give integrated security = true so i dont have to type my username or passowrd in the connection string but it doesnt work ConnStr = "data source=(local)" + "database=pubs;integrated security=true"; this is the error it gives me SQL Server does not exist or access denied. thanx
ASP.NET
6
1971
Using integrated security
by: Marina | last post by:
Hi, I would like to give the ASPNET process that is running on my machine permission to connect to a sql server database that is on another machine. When I try to do this it says: 'Windows NT user or user group 'mymachinename\ASPNET not found'. This all works however, if the databse server is my local machine. So the question then...
ASP.NET
5
4382
Passing User Credentials to site running under Integrated Security
by: cdlipfert | last post by:
Our intranet is running under windows integrated security. We have domain users that want to access our intranet site via ssl vpn. SSL VPN can not authenticate against services that run under windows integrated security. In order to get around this issue it seems that we would need to create a login page on a separate site that runs under...
ASP.NET
1
1456
Cannot use integrated security from a thread in ASP.Net/ Windows 2
by: Razvan | last post by:
This problem occurs in ASP.Net application, only on Windows 2000. Everything works fine on Windows Server 2003. Here is the scenario: I configured the application to use impersonation and integrated security to connect to the database. These are the corresponding lines in web.config <identity impersonate="true"...
ASP.NET
7
11238
VB.NET/Crystal - How do I change a report's connection "integrated security" to FALSE?
by: Henry | last post by:
I am writing a Windows forms VB.Net/MS SQL application via VS 2003 that utilizes Crystal Reports. I want to be able to dynamically set the report data source at run time. I'm trying to change the the reports "integrated security" from TRUE to FALSE via the "Set Location" dialog in the report designer with no success. It is not intuitive (at...
Visual Basic .NET
1
1539
SQL Server 2005 and Integrated Security
by: Michel Vanderbeke | last post by:
Hello, Each time I want to display a report through VB.NET code, I get a form inviting me to give a connection_id and a password. It contains also a checkbox where I can choose for Integrated Security. When I choose Integrated Security, I can display the report. My data are on SQL Server 2005. What can I put in code, so that the...
Visual Basic .NET
0
7607
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
C / C++
0
5909
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
1
5297
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
4918
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
C# / C Sharp
0
3415
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
Networking - Hardware / Configuration
0
3409
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
1841
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
1
988
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
661
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us