RE: SQL Authentication
From: Kevin McDonnell [MSFT] (kevmc_at_online.microsoft.com)
Date: 03/10/04
- Next message: Kevin McDonnell [MSFT]: "RE: Exposing data"
- Previous message: Kevin McDonnell [MSFT]: "RE: Win2000 OS Access for SQL Server Admin"
- In reply to: anonymous_at_discussions.microsoft.com: "SQL Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Mar 2004 19:38:07 GMT
Most web applications that are expose to the internet are annonymous.
Is your question related to making Trusted Connections to SQL in the same
context as the IUSR_machine account, or impersonate the user hitting the
web site?
Windows Auth from a DMZ environment to a server in your Corp environment
would expose numerous ports to enable. One method that you can evaluate is
having a domain in the DMZ with a 1 way Trust to the DC in your corp
environment. Then secure the channel between the two DC's with IPSec. You
should evaluate this in a lab first to make sure it meets your requirements.
Other choices are using Standard SQL Authentication with SSL encryption.
This would only require 1433. You could also consider using application
roles as well.
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
- Next message: Kevin McDonnell [MSFT]: "RE: Exposing data"
- Previous message: Kevin McDonnell [MSFT]: "RE: Win2000 OS Access for SQL Server Admin"
- In reply to: anonymous_at_discussions.microsoft.com: "SQL Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
