security with web-based access

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Ellen K.
    #1

    security with web-based access

    First of all, I have never done any web-based stuff, so if the
    following sounds ignorant, it's because I am!

    So far all our SQL Servers are accessed only over our network and we
    use Windows authentication. Now the guy I'm working with on the
    design of our next stuff wants the two new databases (a transactional
    one and my data warehouse) to be additionally accessed by web-based
    applications via our company intranet (NOT THE INTERNET). How do we
    authenticate under these conditions? The webserver machine will be
    talking to the SQL Server ones, i.e. the databases will each be on the
    their own separate boxes. Can the webserver be a "user"? If so,
    and we want the actual users to have different privileges, then the
    web-based apps have to manage that? Or is there a way for the
    web-based apps to grab the Windows user and pass it to SQL Server?
    Tags: None
    • Simon Hayes
      #2
      Re: security with web-based access


      "Ellen K." <72322.enno.ess peeayem.1016@co mpuserve.com> wrote in message
      news:2p5d80h6m3 mfrck7mv2mkou2a 3s81mo8ut@4ax.c om...[color=blue]
      > First of all, I have never done any web-based stuff, so if the
      > following sounds ignorant, it's because I am!
      >
      > So far all our SQL Servers are accessed only over our network and we
      > use Windows authentication. Now the guy I'm working with on the
      > design of our next stuff wants the two new databases (a transactional
      > one and my data warehouse) to be additionally accessed by web-based
      > applications via our company intranet (NOT THE INTERNET). How do we
      > authenticate under these conditions? The webserver machine will be
      > talking to the SQL Server ones, i.e. the databases will each be on the
      > their own separate boxes. Can the webserver be a "user"? If so,
      > and we want the actual users to have different privileges, then the
      > web-based apps have to manage that? Or is there a way for the
      > web-based apps to grab the Windows user and pass it to SQL Server?[/color]

      You might get a better response in an ASP forum (if that's the web platform
      you're using), but I can give you some basic answers. The webserver can be a
      user - if it uses a domain service account (just like SQL Server), then that
      account can be an MSSQL login. In this case, you would have to manage
      permissions entirely within your application, as the only account accessing
      MSSQL would be the web server service account. Alternatively, some
      combinations of web server and browser can impersonate a specific user (I
      believe IE/IIS can do this, no idea about other possibilities), so that your
      authentication would work as normal.

      Simon


        Comment

        Previous template Next
        Working...