Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2005-08-11 : 08:03:05
|
| Nemisis writes "Hi there,I have a SQL 2000 database and many ASP pages to make a web application. Many users can access this via a username and password, which can be used from anywhere that has the internet.My question to you is that after reading many SQL forums, discussions etc, i believe that Windows Authentication is best, but can i use it and would you recommend using it, or it the SQL Authentication OK.I forgot to mention that there is more than 1 database on the server, and certain users can access certain databases ONLY!!Thanks" |
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2005-08-11 : 09:15:21
|
i think you're mixing win/sql login with your app logins.app logins are usually stored in a table from which you read your username and addres.win/sql logins are used in your connection string when connecting to sql server.can you give more info?Go with the flow & have fun! Else fight the flow  |
 |
|
|
simondeutsch
Aged Yak Warrior
547 Posts |
Posted - 2005-08-11 : 22:32:18
|
| It sounds like your scenario calls for SQL Authentication. Windows Authentication would be for an intranet or regular app.Basically, with Windows Authentication, SQL Server tries to use the security credentials used by the user when logging onto Windows. With SQL Authentication, the login name is mapped to one in SQL Server.If using SQL Authentication, you might have to specify "TRUSTED_CONNECTION=NO" in your connection string because ADO could default to Windows/Mixed Authentication and not pass the security credentials. Also, if a SQL Server is configured to use mixed security and the user logs on with an SQL Server login, it will be ignored.Then again, if your users are kind of anonymous, meaning you have many users and you cannot manage their usernames/logins and specific logins are not so important, you can try using application roles.Sarah Berger MCSD |
|
|
|
|
|
|
|
|
Which Authentication??