集成安全性在应用程序和网站中的价值 [英] Value of Integrated Security in application and web site
本文介绍了集成安全性在应用程序和网站中的价值的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
集成安全性在应用程序和网站中的价值
嗨
什么是集成安全性"更好的价值?正确,错误或SSPI(在应用程序和网站中)
非常感谢
Value of Integrated Security in application and web site
Hi
What value Is better for "Integrated Security"? True, false or SSPI (in application and web site)
Thanks very much
推荐答案
将Integrated Security设置为True或SSPI意味着用户将能够使用其Windows登录信息登录数据库. 这意味着,如果有人使用域\用户名MYCOMPANY \用户名及其密码登录到计算机,则数据库将识别出该用户已通过域控制器 [ ^ ].对于用户来说,这当然很容易,因为SQL Server可以识别它们,而用户不必再次登录.当然,这绝对是安全的,因为只有当黑客实际上与用户位于同一域时,黑客才能登录.
不利的一面是,如果用户当前未登录到域,则他们无法通过Integrated Security访问数据库.在这种情况下,将需要用户名和密码(并且Integrated Security为false).幸运的是,两个人并不互相排斥.
因此,您应该尝试使用Integrated Security登录.当然,用户应该对此具有权限. 在此处阅读更多信息 [
Having Integrated Security set to True or SSPI means that a user will be able to login to a database using their Windows login information.
This means that if someone would login with domain\username MYCOMPANY\username and their password on their computer the database will recognize this user as logged in at a domain controller[^]. This is of course easy for the user as SQL Server recognizes them and the user doesn''t have to log in again. Of course this is absolutely safe since a hacker would only be able to login if they were actually on the same domain as the user.
A downside to this is that if the user is not currently logged in to the domain they have no way of accessing the database by Integrated Security. In this case a username and password will be necessary (and Integrated Security is false). Luckily the two don''t rule each other out.
So when you can you should try to log in using Integrated Security. Of course users should have permission for this. Read here for more information[^]. So as you can see it''s not a question of "what''s better", but "what is more suited for the current situation". You will see when you login to SQL Server you get a login form asking you if you want to login using Windows Authentication (Integrated Security) or SQL Server Authentication (username/password combination). Now you make the decision what you need :)
这篇关于集成安全性在应用程序和网站中的价值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
