Looking for ASP.NET/SQL Server 2000 App Security Recommendations

From: Kenneth Courville (kcourville@yahoo.com)
Date: 08/29/02

• Next message: Dot: "Unexpected error writing metadata"
• Previous message: Eric Tan: "Re: Prevent Caching in Dotnet"
• Next in thread: Jeff Smith: "Re: Looking for ASP.NET/SQL Server 2000 App Security Recommendations"
• Reply: Jeff Smith: "Re: Looking for ASP.NET/SQL Server 2000 App Security Recommendations"
• Reply: Peter O'Reilly: "Re: Looking for ASP.NET/SQL Server 2000 App Security Recommendations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From:     Kenneth Courville <kcourville@yahoo.com>
Date: Thu, 29 Aug 2002 07:50:27 -0700

I am working on an active directory user management app with an ASP.NET
interface. User account requests are stored in a SQL Server 2000 store,
where there are later processed by a windows service that is more
capable of making the required Active Directory changes.

What I'm trying to figure out now is the best way to secure the
connection between the ASP.NET interface and the data store.

The application already has forms authentication and role-based security
implimented. We have the SQL Server set up as mixed mode security. IIS
allows anonymous connections.

I guess the main question that I'm trying to answer is how should the
connection string information be stored for and accessed by the
application? I know that I don't want to hard code this information.

Any other experiences and insight that you're willing to throw at me for
this particular situation would be appreciated as well.

----------------------------------------
http://members.tripod.com/kcourville0/

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

---

• text/html attachment: _alt.0

---

• Next message: Dot: "Unexpected error writing metadata"
• Previous message: Eric Tan: "Re: Prevent Caching in Dotnet"
• Next in thread: Jeff Smith: "Re: Looking for ASP.NET/SQL Server 2000 App Security Recommendations"
• Reply: Jeff Smith: "Re: Looking for ASP.NET/SQL Server 2000 App Security Recommendations"
• Reply: Peter O'Reilly: "Re: Looking for ASP.NET/SQL Server 2000 App Security Recommendations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Newbie help ... think I can probably get what I need using SQL Server (the ... > To efficiently store and retrieve data for your needs, ... You only store changed values (as ... (microsoft.public.sqlserver.programming) Re: meta data & full text search ... There are more issues (transaction control, change control, audit of ... storing the files in a SQL Server table's column defined with an IMAGE ... if you store the files ... consistency of the database, indices, backup, restore, etc. ... (microsoft.public.sqlserver.fulltext) Re: [STAThread] ... Java failed on the Windows client. ... SQL Server and many more expsose ... The unmanaged hosting interface ... 'Apartment' threaded COM objects have STA thread affinity, ... (microsoft.public.dotnet.languages.csharp) Re: Tabs, Comboxes and ADO.Net Problems ... Thank You Bart. ... I was hoping SQL Server might solve problem 1. ... The ADO.Net interface that addresses this ... The problem is that sometimes and only sometimes the dll won't ... (microsoft.public.dotnet.languages.csharp) Re: Access 2000 - Realtime Development - Should i stick with Access97 ... if I needed to start using SQL Server to store Tables of an Access 97 front ... would this force the need to upgrade. ... > is because you have support clients who are using later versions. ... (microsoft.public.access.modulesdaovba)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)