Ask a Question related to ASP Database, Design and Development.
-
Hernán Castelo #1
security: sql or win connections ?
hi
i have 4 accounts in sql : userType1...., 4
and .Asp pages that connect to sql2K using one of them
each account can only execute its stored procedures
each account have its own password
then i have the connection strings in an #include file
I readed that existence of a plain text connection string is a weak,
that is better to use windows authentication to connect
in this situation :
how can i distinguish the user type that is connecting ???
do i have to make the connection specifying
a user type or something like this..... ??
how should i connect?
have anyone a sample ?
thanks
--
atte,
Hernán Castelo
UTN Buenos Aires
.. . . . . . . . . . . . . . . . . . . . . . . . . .
Hernán Castelo Guest
-
Change Flash Security Settings? Security ManagerOffline?
Hello I have downloaded firefox and flash player, I have content which when I run it, flash blocks it wisely and reports that the page is trying... -
Error: code:Channel.Security.Error string:'Security
Flex 2.0 beta 1 I created an mxml application with the following tag: <mx:WebService id="ws"... -
System.Security.SecurityException: Security error
Dear All, The problem or error which I am getting while running my web application is as given below: Security Exception Description: The... -
Security tool to check CGI scripts for security holes/vulnerabities
I'm searching for a good security tool that I can use regularly to scan all the programs/scripts in my web servers cgi-bin directory to identify... -
Asp.Net Security Analyser (new security tool by DDPlus)
Hello I'm happy to announce that we (DDPlus) have just released the first stable version of our new Open Source Project: the Asp.Net Security... -
Aaron Bertrand [MVP] #2 Re: security: sql or win connections ?
You can use windows authentication if your web app only requires one user,
and the application / site is set to use anonymous access but has a domain
user set as the anonymous user (who is also allowed in SQL Server).
Or, if you have all 4 users set up as Windows users, and you disable
anonymous access, and force the users to authenticate as one of the four
users.
In either case, you only need one connection string. See
[url]http://www.aspfaq.com/2126[/url]
--
Aaron Bertrand
SQL Server MVP
[url]http://www.aspfaq.com/[/url]
"Hernán Castelo" <hhh@hotmail.com> wrote in message
news:u1mf7mCGEHA.3180@TK2MSFTNGP12.phx.gbl...> hi
> i have 4 accounts in sql : userType1...., 4
> and .Asp pages that connect to sql2K using one of them
>
> each account can only execute its stored procedures
> each account have its own password
> then i have the connection strings in an #include file
>
> I readed that existence of a plain text connection string is a weak,
> that is better to use windows authentication to connect
> in this situation :
> how can i distinguish the user type that is connecting ???
> do i have to make the connection specifying
> a user type or something like this..... ??
> how should i connect?
> have anyone a sample ?
>
> thanks
> --
> atte,
> Hernán Castelo
> UTN Buenos Aires
> . . . . . . . . . . . . . . . . . . . . . . . . .
> .
>
>
Aaron Bertrand [MVP] Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
