验证服务器 [英] Authentication to server
问题描述
大家好,
我一直想弄清楚为什么我以[ServerName]/Guest身份登录到SQL Server.我正在尝试连接到数据库并执行一些操作,但是由于以来宾身份登录,这避免了我执行正确的操作.
我的连接字符串曾经是:
CONNECTION_STRING ="服务器= SERVER2 \\ SQLEXPRESS;数据库= RMA_DB; Trusted_Connection = True;"
当我使用它时,我以Guest身份登录,但是当我添加有效的用户名和密码时,我不再以Guest身份登录.我已使用我提供的用户名登录.
因为我的连接字符串是;
CONNECTION_STRING ="服务器= SERVER2 \\ SQLEXPRESS;用户ID = [用户ID];密码= [密码];数据库= RMA_DB; Trusted_Connection = False;"
据我了解,这背后的主要原因是
启用模拟会使ASP.NET以当前运行的用户名的身份向SQL Server发出请求.如果访问该网站的任何人都具有Windows凭据,则可以使用模拟.虽然我正在测试,但是可以,但是当我创建一个人们可以通过Internet访问的网站时,由于用户将没有凭据,因此模拟将不起作用.在这种情况下,我不应该使用模仿.
在我以前使用的另一个Web应用程序中,没有用户名和密码的连接字符串运行良好.我不明白为什么该应用程序无需服务器中的用户名和密码就能连接?
Hello all,
I have been trying to figure out why I am logged as [ServerName]/Guest to the SQL server. I am trying to connect to the db and do some actions but due to being logged as Guest, it is avoiding me to do the proper actions.
My connection string is used to be:
CONNECTION_STRING = "Server=SERVER2\\SQLEXPRESS; Database=RMA_DB; Trusted_Connection=True;"
when I use this I am logged as Guest but when I add a valid user name and a password I am not logged in as Guest anymore. I am logged as a the username that I provided.
for that my connection string is;
CONNECTION_STRING = "Server=SERVER2\\SQLEXPRESS; User Id=[userid]; Password=[password]; Database=RMA_DB; Trusted_Connection=False;"
As far as i know the main reason behind this is;
Enabling impersonation causes ASP.NET to make the request to the SQL Server as the name of the user currently running. Using impersonation works if anyone who hits the site has Windows credentials. While I am testing, that works but when I am going to create a site that people might get to via the Internet, though, then impersonation won''t work, because users won''t have credentials. In that case, I shouldn''t use impersonation.
In another web application that I previously used, the connection string without the username and the password is working perfectly fine tho. What I dont understand why this app can able to connect without the username and password in the server? What I am missing can someone explain?
推荐答案
在asp.net中使用无需模拟的可信连接时,您将使用以下凭据登录SQL Server:运行过程.似乎凭据无法访问特定的SQL Server数据库,因此使用来宾.
使用Management Studio,您可以检查针对SQL Server的凭据,例如从活动监视器中.现在检查以下任何一项:
-使用的凭据在所需数据库中列为数据库用户(当然,在sql server中也作为登录名)
-或将那些凭据包含在有权访问数据库的Windows组中
旁注:出于安全原因,我将禁用来宾帐户...
When you use trusted connection without impersonation in the asp.net you will log in to the SQL Server with the credentials of the running process. Seems that the credentials don''t have access to the specific SQL Server database so guest is used.
Using Management studio you can check the credentials that are used against SQL Server, for example from activity monitor. Now check that either:
- the credentials that are used is listed as the database user in the desired database (and of course as a login in sql server)
- or include those credentials to a windows group that has access to the database
Side note: For security reasons I would disable the guest account...
对我来说,解决方案很简单,错过了检查是否启用了asp.net模拟功能IIS.使用此连接字符串"CONNECTION_STRING =" Server = SERVER2 \\ SQLEXPRESS;数据库= RMA_DB; Trusted_Connection = True;它起作用了,为此,我按照以下步骤进行了操作:
*打开IIS管理器并导航到您要管理的级别.有关打开IIS管理器的信息,请参阅打开IIS管理器(IIS 7).有关导航到UI中位置的信息.
*在功能视图"中,双击身份验证".
*在身份验证"页上,选择"ASP.NET模拟".
*在操作"窗格中,单击启用"以使用默认设置使用ASP.NET模拟身份验证.
似乎很容易,但是要弄清楚我已经花了几个小时.我希望这个答案可以节省其他时间:)
The solution for me is kind of simple and missed out to check if the asp.net impersonation is enabled or not in IIS. With this connection string "CONNECTION_STRING = "Server=SERVER2\\SQLEXPRESS; Database=RMA_DB; Trusted_Connection=True;" it worked, to do this I followed these steps;
*Open IIS Manager and navigate to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7). For information about navigating to locations in the UI.
*In Features View, double-click Authentication.
*On the Authentication page, select ASP.NET Impersonation.
*In the Actions pane, click Enable to use ASP.NET Impersonation authentication with the default settings.
seems easy but to figure this out i have spent couple hours. i hope this answer save others time :)
这篇关于验证服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
