I know integrated Auth is preferred, but how does one use integrated auth
for web applications when customers are external ?
I know we can have integrated auth for internal customers where all these
customers have a valid domain account and we can add these domain accouts as
logins to SQL
How does one set up integrated auth for external customers coming thru the
front end web application ?
Is SQL Auth not secure and not recommended by MS ? When would one use SQL
Auth ?
Thanksif its through an ASP.Net application, then you can use the delegation.
the user is authenticated at the web level, then using the impersonation
feature of the ASP.NET the web delegates the user for database access.
if your database server & web servers are on 2 separete servers, then you
have to made some configuration in your active directory.
(If you use Basic authentication for the web access, this config is not
required)
you have to setup the Kerberos delegation.
search for kerberos delegation with IIS under on the microsoft web site to
found more information.
"Hassan" <hassan@.hotmail.com> wrote in message
news:e4ymgzQ%23FHA.3340@.TK2MSFTNGP12.phx.gbl...
>I know integrated Auth is preferred, but how does one use integrated auth
>for web applications when customers are external ?
> I know we can have integrated auth for internal customers where all these
> customers have a valid domain account and we can add these domain accouts
> as logins to SQL
> How does one set up integrated auth for external customers coming thru the
> front end web application ?
> Is SQL Auth not secure and not recommended by MS ? When would one use SQL
> Auth ?
> Thanks
>|||"I know integrated Auth is preferred, but how does one use integrated
auth
for web applications when customers are external ? "
-If you have many customers I wouldn=B4t prefer Windows authentication
on a user basis as a good approach, because you have to maintain the
users in your active directory (create, alter,etc) and the most worst
thing, you have to buy Windows CALs as well as SQL Server CALs (if you
don=B4t have a processor licence for the server).
-If you want to accomplish the authentication via using a service
Windows account which can be authentication in the WIndows Domain and
usally the Webserver is running on I can tell you that this is a very
common approach. But remember that even only 1 (Windows) User is
accessing the SQL Server you have to get appropiate SQL Server Cals OR
or processor licence for the SQL Server machine.
"How does one set up integrated auth for external customers coming thru
the.."
-YOu can setup the web server to use basis authentication for
connection made from outside the intranet. Though this is basis
authentication you should use a SSL Certificate to encrypt your data,
otherwise data (Username / password) "could" be compromised over the
internet.
"Is SQL Auth not secure and not recommended by MS ? When would one use
SQL Auth ?"
-SQL Server Auth is for example used when you don=B4t have a Active
Directory, if you handle your security within your application and
therefore only have to access via one user, if you have plenty of time
maintaining twice users and groups if you plan to administer them on a
per user basis.
HTH, Jens Suessmeyer.|||Hi,
its recomended to use Windows Authentication with Kerbros for more secure
communication ,
www.sql-server-performance.com/foru...?TOPIC_ID=11499
http://ureader.com/group/456-1.aspx
support.microsoft.com/default.aspx?ID=kb;en-us;Q247931
www.eggheadcafe.com/forums/ForumPos...D=43760&INTID=9
www.codecomments.com/archive319-2005-10-639284.html
www.codecomments.com/archive319-2005-9-597955.html
Regards
--
Andy Davis
Activecrypt Team
---
SQL Server Encryption Software
http://www.activecrypt.com
"Jens" wrote:
>
> "I know integrated Auth is preferred, but how does one use integrated
> auth
> for web applications when customers are external ? "
> -If you have many customers I wouldn′t prefer Windows authentication
> on a user basis as a good approach, because you have to maintain the
> users in your active directory (create, alter,etc) and the most worst
> thing, you have to buy Windows CALs as well as SQL Server CALs (if you
> don′t have a processor licence for the server).
> -If you want to accomplish the authentication via using a service
> Windows account which can be authentication in the WIndows Domain and
> usally the Webserver is running on I can tell you that this is a very
> common approach. But remember that even only 1 (Windows) User is
> accessing the SQL Server you have to get appropiate SQL Server Cals OR
> or processor licence for the SQL Server machine.
>
> "How does one set up integrated auth for external customers coming thru
> the.."
> -YOu can setup the web server to use basis authentication for
> connection made from outside the intranet. Though this is basis
> authentication you should use a SSL Certificate to encrypt your data,
> otherwise data (Username / password) "could" be compromised over the
> internet.
>
> "Is SQL Auth not secure and not recommended by MS ? When would one use
> SQL Auth ?"
> -SQL Server Auth is for example used when you don′t have a Active
> Directory, if you handle your security within your application and
> therefore only have to access via one user, if you have plenty of time
> maintaining twice users and groups if you plan to administer them on a
> per user basis.
> HTH, Jens Suessmeyer.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment