Connecting Tech Pros Worldwide Forums | Help | Site Map
bytes > topic > visual basic .net > answers

Security Issues between SQL 2000 and ASP NET. Need help badly.

IcedCrow
Guest
  
Posts: n/a
#1: Nov 20 '05
I have stumbled upon a serious problem and I hope someone
can help me out.

I have programmed a web service in VB.NET.

When I use integrated security for the piece, of course
it does not use my log in but the ASP log in. No
problem. I get an error.

So first in experiment I try and use the sa account. I
type his account in and password and then I get a "User
not Trusted" error even though the credentials I passed
were correct.

So then I add the ASPNET user to SQL and give him public
access to a database. I try passing the ASPNET login
with the password and I get a time out error.

I then try using plain old integrated security but it
again times out.

Does anyone know what I need to do to set this
connection?? (I am also using ADO.NET)

Thanks!

Cor
Guest
  
Posts: n/a
#2: Nov 20 '05

re: Security Issues between SQL 2000 and ASP NET. Need help badly.

Hi Iced Crow,
Did you know that the public.asp.net newsgroup exist.
I believe that in that newsgroup you will get a faster answer to this kind
of questions than in the vb.net language group.
Cor
Herfried K. Wagner [MVP]
Guest
  
Posts: n/a
#3: Nov 20 '05

re: Security Issues between SQL 2000 and ASP NET. Need help badly.

"IcedCrow" <charoncrow@aol.com> scripsit:[color=blue]
> I have programmed a web service in VB.NET.
>
> When I use integrated security for the piece, of course
> it does not use my log in but the ASP log in. No
> problem. I get an error.
>
> So first in experiment I try and use the sa account. I
> type his account in and password and then I get a "User
> not Trusted" error even though the credentials I passed
> were correct.
>
> So then I add the ASPNET user to SQL and give him public
> access to a database. I try passing the ASPNET login
> with the password and I get a time out error.
>
> I then try using plain old integrated security but it
> again times out.
>
> Does anyone know what I need to do to set this
> connection?? (I am also using ADO.NET)[/color]

You may want to turn to the ng for ASP.NET related questions:

<news://msnews.microsoft.com/microsoft.public.dotnet.framework.aspnet>

Web interface:

<http://msdn.microsoft.com/newsgroups/default.asp?url=/newsgroups/loadframes.asp?icp=msdn&slcid=us&newsgroup=microso ft.public.dotnet.framework.aspnet>

--
Herfried K. Wagner
MVP · VB Classic, VB.NET
<http://www.mvps.org/dotnet>
Kirk
Guest
  
Posts: n/a
#4: Nov 20 '05

re: Security Issues between SQL 2000 and ASP NET. Need help badly.

Using the Windows Only security setting in SQL with an ASP.net or ASP.net
Web service is a pain. The best option you have is to change your security
setting in SQL to use SQL Server and Windows. Then you can create a SQL
login and use that in your application. This setting is almost for sure the
reason you are not able to use sa for a login (not that you would use sa for
a program to login anyway *g*)

Kirk Graves

"IcedCrow" <charoncrow@aol.com> wrote in message
news:105c01c3895d$f2b3a850$a301280a@phx.gbl...[color=blue]
> I have stumbled upon a serious problem and I hope someone
> can help me out.
>
> I have programmed a web service in VB.NET.
>
> When I use integrated security for the piece, of course
> it does not use my log in but the ASP log in. No
> problem. I get an error.
>
> So first in experiment I try and use the sa account. I
> type his account in and password and then I get a "User
> not Trusted" error even though the credentials I passed
> were correct.
>
> So then I add the ASPNET user to SQL and give him public
> access to a database. I try passing the ASPNET login
> with the password and I get a time out error.
>
> I then try using plain old integrated security but it
> again times out.
>
> Does anyone know what I need to do to set this
> connection?? (I am also using ADO.NET)
>
> Thanks![/color]
Chris Nye
Guest
  
Posts: n/a
#5: Nov 20 '05

re: Security Issues between SQL 2000 and ASP NET. Need help badly.

Kirk,

Thank you very much for the reply. I was up late last night pounding on
this thing and this morning I was finally able to solve my puzzle doing
exactly what you said. Once I set it to SQL security everything was
happy.

I realize I wouldn't use SA in a production enviornment, this is for a
classroom enviornment.

I have experience with DBAs not even wanting to grant anything to the
ASP or ASPNET user accounts... I'm sure there will be much flack given
on this but... sa it is for now.

Again thanks for the reply.

~IC

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Closed Thread

« previous question | next question »

/bytes/development

/bytes/it

Forums
Visit our community forums for general discussions and latest on Bytes

Our staff and community areas have moved to bytes.com/forums/

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,537 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved