ASP.Net, firewall, SQL Server ... Integrated security?

From: Philo (philo@saintchad.maps.org)
Date: 08/15/02

Next message: Steven Paplanus: "login failure problem when trying to load a file from network share"
Previous message: Harold Ommert[MS]: "RE: Access to the registry key is denied - Creating Custom Log"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Philo <philo@saintchad.maps.org>
Date: 15 Aug 2002 19:56:55 GMT

I have an ASP.Net application that I designed with integrated security,
including accessing SQL Server via group permissions.

In the production system the web server is in the DMZ with a firewall
between it and SQL Server. This makes Active Directory problematic because
it means opening a NetBIOS hole in the firewall, which means we might as
well not have a firewall.

I *think* without AD integrated security is problematic, if it can work at
all, right?

So - with this setup what are others doing for security? Simple forms-
based? or is there a solution I'm missing?

Thanks,
Philo

Next message: Steven Paplanus: "login failure problem when trying to load a file from network share"
Previous message: Harold Ommert[MS]: "RE: Access to the registry key is denied - Creating Custom Log"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Please explain loss of token between web server box and sql box
... relating to Integrated Security with Asp.Net IIS 5 and Sql Server 2k. ... The problem arises when endeavouring to use Integrated Security at all ... grant the group Sql Server access and rights to the relevant database. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Connecting to a sql server database
... You are trying to use integrated security in your app (as is shown in the ... line numbered code where the connection string is shown). ... sql server, hence integrated security fails. ... > causing the error message and what the correction for this. ...
(microsoft.public.dotnet.general)
Re: Active Directory and SQL Server Connection
... when you say that you intend to use integrated security, ... creating a WindowsIdentity and calling Impersonate on that. ... > Thanks Sahil, ... so they have access to the sql server. ...
(microsoft.public.dotnet.framework.adonet)
Re: Please explain loss of token between web server box and sql box
... The client user principal is a W2K AD domain member, the users accounts must be set up as "delegatable" in the AD. ... The IIS server's "machine account" is trusted for delegation in the AD. ... The SQL server SPN must be registered in the AD, or must run under "localsystem" identity. ... > relating to Integrated Security with Asp.Net IIS 5 and Sql Server 2k. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Call a stored proc. from a Smart Device.
... If you want to use Integrated Security you must explicitly set User ID ... also you may try use SQL Server Authentication: ... > Thanks for advising me on right clicking and adding the reference. ... > I'm pretty sure the connection is good, I wrote a Window Form app and cut ...
(microsoft.public.dotnet.framework.compactframework)