Tuesday, March 20, 2012

Authentication Advice

I am new to SQL and have been developing my database slowly - this is still
underway.
However, I have just started giving some thought to security of the server
it will sit on and I am not sure of the best solution. The server has not
been installed yet, but will be in the near future.
This is a SQL 2000 server (on Windows 2003 Server), which will sit within my
2000 Server LAN/WAN. It will be used by an ASP appication which is sat on a
2003 Web Edition server in my DMZ, and so will be accessed by internal LAN
users and external Internet users.
What is the best method of authentication - what would you all suggest?
Thanks
I would do the following. Create local windows accounts for each web site
on both the web server and the SQL Server with the same password. eg
(WEBSERVER\WebSiteA and SQLSERVER\WebSiteA).
Configure your web site to only allow anonymous access. Set the account
used for anonymous access to the one created on the web server above.
Disable automatic password synchronisation.
On the SQL sever give the account you just created access to your database.
In your connection string add "Trusted_Connection=Yes" rather than username
and password. (I am assuming you are using ADO)
This will allow you to use windows authentication to log into SQL Server
from your web servers in the DMZ.
HTH
Barry McAuslin
Look inside your SQL Server files with SQL File Explorer.
Go to http://www.sqlfe.com for more information.
"Keith" <@..> wrote in message news:uFTrm7bGEHA.2768@.tk2msftngp13.phx.gbl...
> I am new to SQL and have been developing my database slowly - this is
still
> underway.
> However, I have just started giving some thought to security of the server
> it will sit on and I am not sure of the best solution. The server has not
> been installed yet, but will be in the near future.
> This is a SQL 2000 server (on Windows 2003 Server), which will sit within
my
> 2000 Server LAN/WAN. It will be used by an ASP appication which is sat on
a
> 2003 Web Edition server in my DMZ, and so will be accessed by internal LAN
> users and external Internet users.
> What is the best method of authentication - what would you all suggest?
> Thanks
>
Posted by Sanders at 9:56 PM
Labels: , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)