Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net (http://www.velocityreviews.com/forums/f29-asp-net.html)
-   -   web app - IIS and SQL on different machines (http://www.velocityreviews.com/forums/t71199-web-app-iis-and-sql-on-different-machines.html)

Dan Walls 01-22-2004 07:12 AM

web app - IIS and SQL on different machines
 
Hi,

I am deploying an ASP.Net web app into the following scenario:

Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
server]

However I am not sure what sort of authentication options are available to
me in gettingthe application to talk to the SQL server.

How do I talk between the web app and the database server - if TCP/IP then
what mode of authentication do I use? What would a typical connection string
look like?

Are there any references where I can study up on this ? I couldn't find
anything even though I spent half the day looking - mind you it helps to
know what you're looking for.

Thanks very much if you can help me,
Dan.



Keith Kratochvil 01-22-2004 01:55 PM

Re: web app - IIS and SQL on different machines
 
You will probably need to use SQL Server authentication. Check out www.connectionstrings.com for examples of connection strings that you can use.

--
Keith


"Dan Walls" <wallsy@hotmail.com> wrote in message news:yJKPb.23117$Wa.6746@news-server.bigpond.net.au...
> Hi,
>
> I am deploying an ASP.Net web app into the following scenario:
>
> Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
> server]
>
> However I am not sure what sort of authentication options are available to
> me in gettingthe application to talk to the SQL server.
>
> How do I talk between the web app and the database server - if TCP/IP then
> what mode of authentication do I use? What would a typical connection string
> look like?
>
> Are there any references where I can study up on this ? I couldn't find
> anything even though I spent half the day looking - mind you it helps to
> know what you're looking for.
>
> Thanks very much if you can help me,
> Dan.
>
>


Kevin Spencer 01-22-2004 02:25 PM

Re: web app - IIS and SQL on different machines
 
A SQLServer is much like a web server, other than the TCP/IP port it listens
to for requests. The Connection is defined via the Connection String, which
contains a number of parameter values that indicate how the database should
be connected to. It includes such things as the IP address/domain
name/machine name of the SQL Server machine (which one depends upon your
network configuration, which was a bit sketchy), the User Name and Password
you want to connect using, the database to use, and other optional elements.
A good reference for Connection Strings is
http://www.connectionstrings.com/.

You can use Either SQL Server authentication or Windows Authentication.
Which one you use depends upon how the SQL Server is configured. You should
ask your DBA about that.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.

"Dan Walls" <wallsy@hotmail.com> wrote in message
news:yJKPb.23117$Wa.6746@news-server.bigpond.net.au...
> Hi,
>
> I am deploying an ASP.Net web app into the following scenario:
>
> Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
> server]
>
> However I am not sure what sort of authentication options are available to
> me in gettingthe application to talk to the SQL server.
>
> How do I talk between the web app and the database server - if TCP/IP then
> what mode of authentication do I use? What would a typical connection

string
> look like?
>
> Are there any references where I can study up on this ? I couldn't find
> anything even though I spent half the day looking - mind you it helps to
> know what you're looking for.
>
> Thanks very much if you can help me,
> Dan.
>
>




Dan Walls 01-23-2004 12:04 AM

Re: web app - IIS and SQL on different machines
 
Thanks Kevin,

unfortunately I am also the DBA :-). I have the freedom to install and
configure the network as I see fit, so I will configure the network in the
way the provides the best possible security. That is why I am looking at
adding another layer and putting the SQL server on a different machine to
IIS.

It's my understanding that if I communicate via TCP/IP between IIS server
and SQL Server machines then I can only use SQL authentication and NOT
Windows authentication. This is because Windows authentication relies on the
user being recognised by the OS and a tcp 1433 connection would go straight
to the SQL server.

Now - is it possible to use windows networking between the two machines -
and that way I could log in using the IIS_MACHINE/ASPNET user account. This
user account would have to be present on the SQL machine would it not? Would
this work if I gave it the same usernam and password - are there any
inherent security risks with this approach?

Thanks for the connectionstrings.com. That's a good reference. Straight to
the favourites.

Dan.

"Kevin Spencer" <kevin@takempis.com> wrote in message
news:uPH3SRP4DHA.2380@TK2MSFTNGP09.phx.gbl...
> A SQLServer is much like a web server, other than the TCP/IP port it

listens
> to for requests. The Connection is defined via the Connection String,

which
> contains a number of parameter values that indicate how the database

should
> be connected to. It includes such things as the IP address/domain
> name/machine name of the SQL Server machine (which one depends upon your
> network configuration, which was a bit sketchy), the User Name and

Password
> you want to connect using, the database to use, and other optional

elements.
> A good reference for Connection Strings is
> http://www.connectionstrings.com/.
>
> You can use Either SQL Server authentication or Windows Authentication.
> Which one you use depends upon how the SQL Server is configured. You

should
> ask your DBA about that.
>
> --
> HTH,
> Kevin Spencer
> .Net Developer
> Microsoft MVP
> Big things are made up
> of lots of little things.
>
> "Dan Walls" <wallsy@hotmail.com> wrote in message
> news:yJKPb.23117$Wa.6746@news-server.bigpond.net.au...
> > Hi,
> >
> > I am deploying an ASP.Net web app into the following scenario:
> >
> > Internet --> Firewall --> WebServer (IIS) --> [firewall?] --> [database
> > server]
> >
> > However I am not sure what sort of authentication options are available

to
> > me in gettingthe application to talk to the SQL server.
> >
> > How do I talk between the web app and the database server - if TCP/IP

then
> > what mode of authentication do I use? What would a typical connection

> string
> > look like?
> >
> > Are there any references where I can study up on this ? I couldn't find
> > anything even though I spent half the day looking - mind you it helps to
> > know what you're looking for.
> >
> > Thanks very much if you can help me,
> > Dan.
> >
> >

>
>




Kevin Spencer 01-23-2004 01:19 PM

Re: web app - IIS and SQL on different machines
 
> Now - is it possible to use windows networking between the two machines -
> and that way I could log in using the IIS_MACHINE/ASPNET user account.

This
> user account would have to be present on the SQL machine would it not?

Would
> this work if I gave it the same usernam and password - are there any
> inherent security risks with this approach?


Actually, you can use Windows Authentication as long as the 2 machines are
on the same Domain, using Active Directory accounts. In any case, as long as
the 2 machines are on the same LAN, and behind the same Firewall (configured
correctly), you shouldn't have any security problems using either method. If
you find it easier to work with SQL Server authentication, by all means, use
that.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.

"Dan Walls" <wallsy@hotmail.com> wrote in message
news:zyZPb.24040$Wa.16533@news-server.bigpond.net.au...
> Thanks Kevin,
>
> unfortunately I am also the DBA :-). I have the freedom to install and
> configure the network as I see fit, so I will configure the network in the
> way the provides the best possible security. That is why I am looking at
> adding another layer and putting the SQL server on a different machine to
> IIS.
>
> It's my understanding that if I communicate via TCP/IP between IIS server
> and SQL Server machines then I can only use SQL authentication and NOT
> Windows authentication. This is because Windows authentication relies on

the
> user being recognised by the OS and a tcp 1433 connection would go

straight
> to the SQL server.
>
> Now - is it possible to use windows networking between the two machines -
> and that way I could log in using the IIS_MACHINE/ASPNET user account.

This
> user account would have to be present on the SQL machine would it not?

Would
> this work if I gave it the same usernam and password - are there any
> inherent security risks with this approach?
>
> Thanks for the connectionstrings.com. That's a good reference. Straight to
> the favourites.
>
> Dan.
>
> "Kevin Spencer" <kevin@takempis.com> wrote in message
> news:uPH3SRP4DHA.2380@TK2MSFTNGP09.phx.gbl...
> > A SQLServer is much like a web server, other than the TCP/IP port it

> listens
> > to for requests. The Connection is defined via the Connection String,

> which
> > contains a number of parameter values that indicate how the database

> should
> > be connected to. It includes such things as the IP address/domain
> > name/machine name of the SQL Server machine (which one depends upon your
> > network configuration, which was a bit sketchy), the User Name and

> Password
> > you want to connect using, the database to use, and other optional

> elements.
> > A good reference for Connection Strings is
> > http://www.connectionstrings.com/.
> >
> > You can use Either SQL Server authentication or Windows Authentication.
> > Which one you use depends upon how the SQL Server is configured. You

> should
> > ask your DBA about that.
> >
> > --
> > HTH,
> > Kevin Spencer
> > .Net Developer
> > Microsoft MVP
> > Big things are made up
> > of lots of little things.
> >
> > "Dan Walls" <wallsy@hotmail.com> wrote in message
> > news:yJKPb.23117$Wa.6746@news-server.bigpond.net.au...
> > > Hi,
> > >
> > > I am deploying an ASP.Net web app into the following scenario:
> > >
> > > Internet --> Firewall --> WebServer (IIS) --> [firewall?] -->

[database
> > > server]
> > >
> > > However I am not sure what sort of authentication options are

available
> to
> > > me in gettingthe application to talk to the SQL server.
> > >
> > > How do I talk between the web app and the database server - if TCP/IP

> then
> > > what mode of authentication do I use? What would a typical connection

> > string
> > > look like?
> > >
> > > Are there any references where I can study up on this ? I couldn't

find
> > > anything even though I spent half the day looking - mind you it helps

to
> > > know what you're looking for.
> > >
> > > Thanks very much if you can help me,
> > > Dan.
> > >
> > >

> >
> >

>
>





All times are GMT. The time now is 10:11 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.