IIS7、SQL 2008 和 ASP.NET MVC 安全性 [英] IIS7, SQL 2008 and ASP.NET MVC security

问题描述

我正在开发一个 ASP.NET MVC 应用程序.我一直在使用 IIS6 和 SQL 2008 Express 在 Windows Server 2003 上开发它，一切都运行良好.我最近决定试用 Windows 7 测试版，所以现在我使用的是 IIS7，但在连接到我的数据库时遇到了问题，我似乎无法弄清楚.

I have an ASP.NET MVC application that I'm working on. I've been developing it on Windows Server 2003 with IIS6 and SQL 2008 Express, and everything was working great. I recently decided to try out the Windows 7 beta, so now I'm using IIS7, and have run into a problem with connectivity to my database that I can't seem to figure out.

我可以很好地运行/调试应用程序，但是每当我尝试访问需要访问数据库的页面时，都会收到以下错误:

I can run/debug the app just fine, but whenever I try to access a page that needs to access the database, I get the following error:

无法打开登录请求的数据库MyDatabaseName".登录失败.用户 'IIS APPPOOLMyApplicationName' 登录失败."

"Cannot open database "MyDatabaseName" requested by the login. The login failed. Login failed for user 'IIS APPPOOLMyApplicationName'."

我显然有一些安全配置设置不正确，但我似乎找不到任何关于如何正确设置的好的文档.我已经尝试在数据库上授予 NETWORK SERVICE 权限，但这似乎不起作用.任何人都知道我需要做些什么来给这个数据库IIS APPPOOLMyApplicationName"权限?我错过了什么明显的东西吗?

I've obviously got some security configuration setup incorrectly, but I can't seem to find any good documentation on how to set it up correctly. I've tried giving NETWORK SERVICE permissions on the database, but that didn't seem to work. Anyone know what I need to do to give "IIS APPPOOLMyApplicationName" permissions to this database? Am I missing something obvious?

谢谢...

推荐答案

如果您不使用 Active Directory，请忽略此处提到的所有其他解决方案.混乱源于 IIS 7.5+ 中新的 ApplicationPoolIdentity 设置默认值(MS 不断更改身份机制)

If you are NOT using Active Directory, then ignore all of the other solutions mentioned here. The confusion stems from the new ApplicationPoolIdentity setting default in IIS 7.5+ (MS keeps changing the identity mechianisms)

1. 打开 SQL Management Studio，以管理员身份连接到本地计算机.
2. 展开 Security 分支.
3. 右击Logins并选择New Login
4. 在登录名字段中，输入IIS APPPOOLMyApplicationName".不要不点击搜索按钮.用户配置文件实际上并不存在于本地计算机上，它是按需动态创建的.

1. Open SQL Management Studio, connect to your local machine as an admin.
2. Expand the Security branch.
3. Right click on Logins and select New Login
4. Into the Login Name field, type "IIS APPPOOLMyApplicationName". Do NOT click the search button. The user profile dosn't actually exist on the local machine, it's dynamically created on demand.

在查看时，不要忘记将用户添加到数据库或服务器角色.

While you're looking at it, don't forget to add the user to a database or a server role.

这篇关于IIS7、SQL 2008 和 ASP.NET MVC 安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！