First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
7  1523 
Create two new user logins and assign each login to a specific DB. They
should be SQL authentication and the web application must have the user/pass
specified in the connection string. If the web server is on the trusted
network you shouldn't open any ports in a firewall. You should be set to go.
Rob
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com... First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
Thanks.
On Thu, 22 Apr 2004 12:25:15 +0200, "Simon Hayes" <sq*@hayes.ch>
wrote:
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com.. . First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
You might get a better response in an ASP forum (if that's the web platform
you're using), but I can give you some basic answers. The webserver can be a
user - if it uses a domain service account (just like SQL Server), then that
account can be an MSSQL login. In this case, you would have to manage
permissions entirely within your application, as the only account accessing
MSSQL would be the web server service account. Alternatively, some
combinations of web server and browser can impersonate a specific user (I
believe IE/IIS can do this, no idea about other possibilities), so that your
authentication would work as normal.
Simon
Thanks.
On Thu, 22 Apr 2004 14:51:31 GMT, "Rob Wahmann" <ro*@dotcomstudio.biz>
wrote: Create two new user logins and assign each login to a specific DB. They
should be SQL authentication and the web application must have the user/pass
specified in the connection string. If the web server is on the trusted
network you shouldn't open any ports in a firewall. You should be set to go.
Rob
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com.. . First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com... First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
You might get a better response in an ASP forum (if that's the web platform
you're using), but I can give you some basic answers. The webserver can be a
user - if it uses a domain service account (just like SQL Server), then that
account can be an MSSQL login. In this case, you would have to manage
permissions entirely within your application, as the only account accessing
MSSQL would be the web server service account. Alternatively, some
combinations of web server and browser can impersonate a specific user (I
believe IE/IIS can do this, no idea about other possibilities), so that your
authentication would work as normal.
Simon
Create two new user logins and assign each login to a specific DB. They
should be SQL authentication and the web application must have the user/pass
specified in the connection string. If the web server is on the trusted
network you shouldn't open any ports in a firewall. You should be set to go.
Rob
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com... First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
Thanks.
On Thu, 22 Apr 2004 12:25:15 +0200, "Simon Hayes" <sq*@hayes.ch>
wrote:
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com.. . First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server?
You might get a better response in an ASP forum (if that's the web platform
you're using), but I can give you some basic answers. The webserver can be a
user - if it uses a domain service account (just like SQL Server), then that
account can be an MSSQL login. In this case, you would have to manage
permissions entirely within your application, as the only account accessing
MSSQL would be the web server service account. Alternatively, some
combinations of web server and browser can impersonate a specific user (I
believe IE/IIS can do this, no idea about other possibilities), so that your
authentication would work as normal.
Simon
Thanks.
On Thu, 22 Apr 2004 14:51:31 GMT, "Rob Wahmann" <ro*@dotcomstudio.biz>
wrote: Create two new user logins and assign each login to a specific DB. They
should be SQL authentication and the web application must have the user/pass
specified in the connection string. If the web server is on the trusted
network you shouldn't open any ports in a firewall. You should be set to go.
Rob
"Ellen K." <72************************@compuserve.com> wrote in message
news:2p********************************@4ax.com.. . First of all, I have never done any web-based stuff, so if the
following sounds ignorant, it's because I am!
So far all our SQL Servers are accessed only over our network and we
use Windows authentication. Now the guy I'm working with on the
design of our next stuff wants the two new databases (a transactional
one and my data warehouse) to be additionally accessed by web-based
applications via our company intranet (NOT THE INTERNET). How do we
authenticate under these conditions? The webserver machine will be
talking to the SQL Server ones, i.e. the databases will each be on the
their own separate boxes. Can the webserver be a "user"? If so,
and we want the actual users to have different privileges, then the
web-based apps have to manage that? Or is there a way for the
web-based apps to grab the Windows user and pass it to SQL Server? This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Ashish |
last post by:
Hi Guys
I am getting the following error while implementing authentication using
WS-security.
"Microsoft.Web.Services2.Security.SecurityFault: The security token could
not be authenticated...
|
by: Dave |
last post by:
I have a ASP.net application that work fine with IIS 5.0. I'm trying to put
it on IIS 6.0.
And getting the following error.
ASP is enable
It is in a virtual directory - I also follow the...
|
by: Henrik Skak Pedersen |
last post by:
Hi,
I have a set up where a windows client connects to a web service to retrieve
a license file. The client is a consumer product which is beeing distributed
to multiple locations.
1) I would...
|
by: KaNos |
last post by:
Hello world,
I've made a webservice (c# v2) to install in a server IIS 6 on a Windows
2000 last SP. We can use the webservice in local, throw the pages wich
present the methods, with a windows...
|
by: WebServiceSecurity |
last post by:
The issue involves the following technologies: -
1. .NET 2.0 Framework
2. WSE2.0 (WS-Security)
3. X.509 certificates
4. BEA Weblogic 8.1.5
|
by: alf |
last post by:
I have an app that was running in my local server using full trust, now I
moved it to hosting company wish run in Medium trust.
Then I get a Security exception (details below)
Then I configured...
|
by: confused1234 |
last post by:
I get the error at the bottom of this post when i click on a linkbutton,
javascript:__doPostBack('ctl00$Main$btnchangeemail','')
The problem is intermitant, sometimes it works and sometimes...
|
by: =?Utf-8?B?TWFuanJlZSBHYXJn?= |
last post by:
Hi
I am creating a web service PreprocessingService with IIS Hosting and
transport layer security with user name and password.
I created a self-signed certificate IISHost in IIS which is issued...
|
by: Nathan Sokalski |
last post by:
When I call System.Web.Security.Roles.GetRolesForUser() it returns no
results even though I have roles associated with the currently logged in
user. I am able to get the username by calling...
|
by: VictorG |
last post by:
Hello,
I am trying to secure a webservice using WSE 3.0 and the turnkey
usernameForCertificateSecurity profile. I am passing a valid username
token, and on the server I have overridden the...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |
