When would you use scenerio one vs. scenerio two?
Scenerio one - IIS (anonymous, or anonymous and
integrated)--OLE DB Provider for SQL (integrated
security)-->SQL (mixed mode or windows
authentication)
Scenerion two - IIS (basic or integrated)--OLE DB
Provider for SQL (integrated security)--> SQL (mixed
mode or windows authentication)
Our environment has IIS and SQL Server on the same machine.Hi Michelle,
Merry Christmas and thank you for using MSDN Newsgroup! It's my pleasure to
assist you with your issue.
You are choosing the authentication way for you application run on IIS and
SQL Server with OLE DB Provider, right? From my experience, to design a
system with high efficency and security will take many aspects for
consideration, including the application environment, security, connection,
performance requirment, etc. It is hard to say that one way is better than
another. It depends on specifics. So you can refer to the following
articles from Microsoft :
Building Secure ASP.NET Applications: Authentication, Authorization, and
Secure Communication
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/SecNetch05.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/secnetlpMSDN.asp
Implementing a Secure Site with ASP
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/ht
ml/msdn_implement.asp
Designing Efficient Applications for Microsoft SQL Server
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsqlsg/htm
l/msdn_designeff.asp
Accessing SQL Server from a Web Application
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vbcon/html/
vbconaccessingsqlserverfromwebapplication.asp
Configuring Security for Internet Information Server
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsentpro/ht
ml/veconConfiguringSecurityForInternetInformationServer.asp
INF: Authentication Methods for Connections to SQL Server in Active Server
Pages
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:
80/support/kb/articles/Q247/9/31.ASP&NoWebContent=1
Microsoft Internet Information Server Security Overview
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dniis/html/
iissecure.asp
Optimizing SQL Server and IIS Security and Connectivity
http://www.sqlmag.com/Articles/Index.cfm?ArticleID=9150
The following articles are from some other website. Microsoft does not
guarentee the correctness of it. You can still take them for reference:
Using Windows Security with IIS and SQL Server 2000
http://www.winnetmag.com/Articles/ArticleID/23035/pg/2/2.html
IIS User Authentication
http://www.adiscon.com/IIS/gen001.htm
Setting SQL Server 7.0 and IIS Security
http://www.sqlmag.com/Articles/Index.cfm?ArticleID=9002
Hope this would be helpful in solving your problem. If you still have
questions, please feel free to post new message here and I am ready to help!
Best regards
Baisong Wei
Microsoft Online Support
----
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Please reply to newsgroups only. Thanks.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment