We served 2,120,289 users last month
 How to find a suitable job?
  Blue Theme Orange Theme Green Theme Red Theme
 
Dundas Dashboard
Home | Forums | Videos | Photos | Downloads | Blogs | E-Books | Interviews | Jobs | Beginners | Training
 | Consulting  
Submit an Article Submit a Blog 
 Login Close
User Id:
Password:
 
Forgot Password
Forgot Username
Why Register
 Jump to
Skip Navigation Links
TechnologyExpand Technology
WebsiteExpand Website
Sponsored by
World Class ASP.NET Hosting - 3 Month Free Hosting, Click Here!
Become a Sponsor
 Resources  
Close
 Our Network  
Close
Search :       Advanced Search »
Home » Security in .NET » ASP.NET security with SQL Server 2005

ASP.NET security with SQL Server 2005
By  Sanjay Gulati July 11, 2006

This article focuses on security concerm when using SQL Server 2005 in ASP.NET application.
Technologies: ASP.NET 1.0, Security,Visual C# .NET
Total downloads :
Total page views :  37779
Rating :
 5/5
This article has been rated :  1 times
   Print Read/Post comments Post a comment  Rate  
   Email to a friend  Bookmark  Similar Articles  Author's other articles  
 
Sponsored by
Become a Sponsor


Related EbooksTop Videos

Today I was trying to access the web page from and getting following error
Error Message:Login failed for user . The user is not associated with a trusted SQL Server connection.

Web server and database are on different server and I am using Virtual machines (VMWare) for my development and DB server.

There can be problem in SQL server or IIS or application, so lets start with SQL Server.

SQL Server Settings: The security should be set for SQL Server and Windows Authentication.

The SQL server has the logins for authenticated users and has proper permissions as I also use development machine to maintain DB.

IIS: Open IIS and select properties and under directory security tab click edit button.

Uncheck Anonymous access and check integrated windows security; integrated windows security will enable users login to be used for authentication instead of IIS default user.

Now, lets put application web.config under microscope.

I have custom error tag to redirect error to default page

<customErrors mode="On" defaultRedirect="showError.aspx">

</customErrors>

 

This is good and for testing I set the Mode tag to off.

 

Connection string uses integrated security tag and set it to true.

"server=servername;database=TestDB;Integrated Security=true" />

 

Here is another tag identity. Ah! Impersonate is false and I want it false so I can have connection pooling.

 

<identity impersonate="false"/>

 

So where is the problem, all the setting seems right, why the heck it does not work.

 

I changes the identity impersonate tag to true and Voila! It works.J

 

For the time being I can work but it's not a solution. L Adding a login to SQL Server for IIS user of web server is also not going to work. 

Login to add your contents and source code to this article
 [Top] Rate this article
 About the author
 
Sanjay Gulati
I have been having fun with computers for the last 15 years and worked on many languages and platforms. Currently working with .net 2.0.
Looking for C# Consulting?
C# Consulting is founded in 2002 by the founders of C# Corner. Unlike a traditional consulting company, our consultants are well-known experts in .NET and many of them are MVPs, authors, and trainers. We specialize in Microsoft .NET development and utilize Agile Development and Extreme Programming practices to provide fast pace quick turnaround results. Our software development model is a mix of Agile Development, traditional SDLC, and Waterfall models.
Click here to learn more about C# Consulting.
 
Introducing MaxV - one click. infinite control. Hyper-V Hosting from MaximumASP.
Finally – a virtual platform that delivers next-generation Windows Server 2008 Hyper-V virtualization technology from a managed hosting partner you can truly depend on. Visit www.maximumasp.com/max for a FREE 30 day trial. Hurry offer ends soon. Climb aboard the MaxV platform and take advantage of High Availability, Intelligent Monitoring, Recurrent Backups, and Scalability – with no hassle or hidden fees. As a managed hosting partner focused solely on Microsoft technologies since 2000, MaximumASP is uniquely qualified to provide the superior support that our business is built on. Unparalleled expertise with Microsoft technologies lead to working directly with Microsoft as first to offer IIS 7 and SQL 2008 betas in a hosted environment; partnering in the Go Live Program for Hyper-V; and product co-launches built on WS 2008 with Hyper-V technology.
Dynamic PDF
ceTE software specializes in components for dynamic PDF generation and manipulation. The DynamicPDF™ product line allows you to dynamically generate PDF documents, merge PDF documents and new content to existing PDF documents from within your applications.
Go.NET
Build custom interactive diagrams, network, workflow editors, flowcharts, or software design tools. Includes many predefined kinds of nodes, links, and basic shapes. Supports layers, scrolling, zooming, selection, drag-and-drop, clipboard, in-place editing, tooltips, grids, printing, overview window, palette. 100% implemented in C# as a managed .NET Control. Document/View/Tool architecture with many properties&events. Optional automatic layout.
Dundas Software
Dundas Chart for .NET is the most advanced .NET charting package available today.  With an extremely complete feature set, elegant architecture and easy implementation, Dundas Chart can quickly add advanced Charting functionality to enhance and transform ASP.NET and Windows Forms applications.  Whether you are implementing charting into internal projects, or building applications for clients, Dundas Chart offers advanced technology and advanced results to get the most out of data.
Clickatell's SMS Gateway
Clickatell's Developer Solutions allow you to SMS enable any website or application via a range of API's. Learn More about our API connections.
Free access to .NET Memory Management video
Everything you need to know about Garbage Collection, Temporary Objects, Fragmentation, Finalization and common causes of memory leaks in .NET. Watch the video here.
Microsoft Visual Studio 2010
Microsoft Visual Studio 2010 offers more to developers than any other Visual Studio release. Work more productively and collaboratively-with greater control over your work at every step. The Beta 2 can give you a head start on achieving efficiency.
 
   Print Read/Post comments Post a comment  Rate  
   Email to a friend  Bookmark  Similar Articles  Author's other articles  
 
 Post a Feedback, Comment, or Question about this article
Subject:  
Comment:  
Sponsored by
Dundas Dashboard
Become a Sponsor
 Comments
New devlopment by Sanjay On May 15, 2006

Well, If I put user id and password in connection string with common account for all user for connection pooling then impersonate can be set to false.

Only bad thing about that is user id and password are in plain text. I understand, connection string can be encryped and may be that's inevitable.

Reply | Email | Delete | Modify | 
code for connectivity to sql server2000 in asp.net using c#.net by sheresha On June 8, 2007
plzz help me . its urgent
Reply | Email | Delete | Modify | 

 Hosted by MaximumASP  |  Found a broken link?  |  Contact Us  |  Terms & conditions  |  Privacy Policy  |  Site Map  |  Suggest an Idea  |  Media Kit
Current Version: 5.2009.6.2
 © 1999 - 2009  Mindcracker LLC. All Rights Reserved