y********o 发帖数: 2565 | 1 I am testing dotnetcharting. I created a chartsample table in SQL Server 20
05 for this purpose.
My test application runs OK with the VS 2005 built-in web server. In other
words, I can check out my application like so:
http://localhost:3614/myTestApp/
I then copied the application to Inetpub\wwwroot\, and then when I tried to
check out this application like so:
http://localhost/myTestApp/
I get this error:
Server Error in '/myTestApp' Application.
Cannot open database "chartsample" requested b |
a*******t 发帖数: 891 | 2 the quickest way is to grantlogin on the SQL server
and map the login to a user in your chartsample database
in SQL2005 managment studio, go to security, login
add a new login. and also give sufficient access to the target database
20
other
to
【在 y********o 的大作中提到】 : I am testing dotnetcharting. I created a chartsample table in SQL Server 20 : 05 for this purpose. : My test application runs OK with the VS 2005 built-in web server. In other : words, I can check out my application like so: : http://localhost:3614/myTestApp/ : I then copied the application to Inetpub\wwwroot\, and then when I tried to : check out this application like so: : http://localhost/myTestApp/ : I get this error: : Server Error in '/myTestApp' Application.
|
c**t 发帖数: 2744 | 3 use impersonale
20
other
to
【在 y********o 的大作中提到】 : I am testing dotnetcharting. I created a chartsample table in SQL Server 20 : 05 for this purpose. : My test application runs OK with the VS 2005 built-in web server. In other : words, I can check out my application like so: : http://localhost:3614/myTestApp/ : I then copied the application to Inetpub\wwwroot\, and then when I tried to : check out this application like so: : http://localhost/myTestApp/ : I get this error: : Server Error in '/myTestApp' Application.
|
y********o 发帖数: 2565 | 4 do in web.config?
【在 c**t 的大作中提到】 : use impersonale : : 20 : other : to
|
y********o 发帖数: 2565 | 5 Thx, I was trying to add a new login like what you said, but I wasn't able t
o add ASPNET. SQL Server complains that ASPNET is not a valid Windows NT na
me.
I selected SQL Server authentication, but still did not get through.
【在 a*******t 的大作中提到】 : the quickest way is to grantlogin on the SQL server : and map the login to a user in your chartsample database : in SQL2005 managment studio, go to security, login : add a new login. and also give sufficient access to the target database : : 20 : other : to
|
k****i 发帖数: 1072 | 6 create a sql server account and use it in your connection string.
Impersonate is not a good idea here because it uses much more resources in
connection pool
20
other
to
【在 y********o 的大作中提到】 : I am testing dotnetcharting. I created a chartsample table in SQL Server 20 : 05 for this purpose. : My test application runs OK with the VS 2005 built-in web server. In other : words, I can check out my application like so: : http://localhost:3614/myTestApp/ : I then copied the application to Inetpub\wwwroot\, and then when I tried to : check out this application like so: : http://localhost/myTestApp/ : I get this error: : Server Error in '/myTestApp' Application.
|
y********o 发帖数: 2565 | 7 Thanks.
At home, I use SQL Server 2005 Express. I just checked, it
has MYCOMPUTERNAME\ASPNET. Look:
Security |
x*p 发帖数: 66 | 8 Don't use account ASPNET to access your database, it is unsafe. The correct
way is to create a special account for your web application, use aspnet_
setreg to encrypt it and save it in registry. You may find how to use it in
msdn. |
y********o 发帖数: 2565 | 9 Thanks.
To change the default ASPNET user of an ASP.NET application is to add
"userName=my_New_ASPNET_UserName"
to the processModel element of machine.config, right?
correct
in
【在 x*p 的大作中提到】 : Don't use account ASPNET to access your database, it is unsafe. The correct : way is to create a special account for your web application, use aspnet_ : setreg to encrypt it and save it in registry. You may find how to use it in : msdn.
|
s******t 发帖数: 45 | |
|
|
k****i 发帖数: 1072 | 11 You don't need to change the default aspnet credential.
What you need to do is to change the credential in your connectionstring,
encrypt it and put the connectionstring in configuration file
【在 y********o 的大作中提到】 : Thanks. : To change the default ASPNET user of an ASP.NET application is to add : "userName=my_New_ASPNET_UserName" : to the processModel element of machine.config, right? : : correct : in
|
a9 发帖数: 21638 | 12 why it's not safe?
aspnet has strong password created by .net framework
correct
in
【在 x*p 的大作中提到】 : Don't use account ASPNET to access your database, it is unsafe. The correct : way is to create a special account for your web application, use aspnet_ : setreg to encrypt it and save it in registry. You may find how to use it in : msdn.
|
L*********r 发帖数: 92 | 13 There are a lot of ways to connect ASP.net to SQL server. It is depend on
your use case to pick up the suitable approach.
Impersonate: This approach has problem if the client is not in the same
Window domain. But it has the advantage that different client has different
permission to access SQL server.
Built SQL Server user name/pwd into connection string: This approach is not
safe in view of security. All clients have the same permission to access SQL
server.
Change the identity of ASP.net worke |
y********o 发帖数: 2565 | 14 I have never encrypted the connection string. Would you please give more de
tails?
1. Do we encrypt the connection string with an encryption algorithm of our
choice?
2. And then put the encrypted connection string, presumably something like
"AE0139FADDE2AD009EADFEEAA23EAE61F329882E3F", in web.config?
3. Suppose it is the case that 2 is true, then don't we have to decrypt it
in the code behind like below?
SqlConnection conn =
new SqlConnection(DecryptMyConnectionString(myEncryptedConnection
【在 k****i 的大作中提到】 : You don't need to change the default aspnet credential. : What you need to do is to change the credential in your connectionstring, : encrypt it and put the connectionstring in configuration file
|
y********o 发帖数: 2565 | 15 I got it from google.
de
our
like
it
);
【在 y********o 的大作中提到】 : I have never encrypted the connection string. Would you please give more de : tails? : 1. Do we encrypt the connection string with an encryption algorithm of our : choice? : 2. And then put the encrypted connection string, presumably something like : "AE0139FADDE2AD009EADFEEAA23EAE61F329882E3F", in web.config? : 3. Suppose it is the case that 2 is true, then don't we have to decrypt it : in the code behind like below? : SqlConnection conn = : new SqlConnection(DecryptMyConnectionString(myEncryptedConnection
|
k***e 发帖数: 7933 | 16 asp.net 2.0 has some built-in tool to use.
【在 y********o 的大作中提到】 : I got it from google. : : de : our : like : it : );
|
L*********r 发帖数: 92 | 17 You should get clear about this issue after reading the following link.
The approach 3 (SSPI) is the regular way unless you have other consideration.
http://msdn2.microsoft.com/en-us/library/ms998292.aspx
【在 y********o 的大作中提到】 : I got it from google. : : de : our : like : it : );
|