经典ASP集成的安全性在连接字符串 [英] Classic ASP Integrated Security in connection string

问题描述

我已经老了传统的ASP应用程序（而不是asp.net），我需要配置为使用Microsoft SQL Server 2008中。
它具有以下配置的字符串效果很好：

I have old classic ASP application (not asp.net) that I need to configure to use Microsoft SQL Server 2008. It works well with following config string:

SERVER=myServer;DRIVER=SQL SERVER;DATABASE=myDatabase;UID=sa;PWD=somepass

但我需要使用集成的安全性。但在任何类型的声明，我试图得到错误。类似的东西并不少变化不工作：

But I need to use integrated security. But got error in any types of declaration that I tried. Something like that and a lot of variations don't work:

SERVER=myServer;DRIVER=SQL SERVER;DATABASE=myDatabase;Integrated Security=SSPI;

所以我的问题是：连接字符串应该怎么看起来像传统的ASP集成安全性。或者，也许需要额外的Web服务器配置？

So my question is: how connection string should look like for Classic ASP integrated security. Or maybe additional web server configuration is needed?

推荐答案

请注意，这将根据您的ASP应用程序池使用匿名身份验证假设的验证SQL撞

Note that this will hit SQL based on the authentication of your asp application pool assuming your using anonymous authentication.

我看到您已经添加评论指出IIS 5，设置一个站点通过转到您的站点的属性，选择目录安全性选项卡，然后单击编辑按钮，使用Windows验证上ISS5可能在匿名访问和验证控制部分。禁用匿名身份验证，并勾选集成Windows安全性选项。

I see you have added a comment noting IIS 5, setting a site to use windows auth on ISS5 is possible by going to the properties of your site, selecting the "Directory Security" tab, then clicking the "Edit" button on the "Anonymous access and authentication control" section. Disable anonymous authentication and tick the "Integrated Windows Security" option.

（注：Web服务器将需要能够进行身份验证的凭据，所以你可能会碰到NTLM和Kerberos问题，根据您的域配置 - 谨慎行事）

(NOTE: the webserver will need to be able to authenticate the credentials, so you may run into NTLM and kerberos issues depending on your domain configuration - tread carefully!)

这应该执行ASP文件作为身份验证的用户，在这种情况下，您的连接字符串随后将能够使用受信任的连接。

This should execute the asp files as the authenticated user, in which case your connection strings would then be able to use trusted connections.

您有几个选择这里取决于你有提供给您哪些供应商。

You have a few choices here depending on which providers you have available to you.

例如，对于将SQL Native Client 9.0 OLE DB提供程序可以使用：

For instance, with the SQL Native Client 9.0 OLE DB provider you could use:

Provider=SQLNCLI;Server=myServerAddress;Database=myDataBase;Trusted_Connection=yes;

本机客户端10略有不同：

Native Client 10 is slightly different:

Provider=SQLNCLI10;Server=myServerAddress;Database=myDataBase;Trusted_Connection=yes;

我preFER SQLOLEDB提供程序（IVE曾与在过去的SQL Server驱动程序和VARCHAR（MAX）麻烦）：

I prefer the SQLOLEDB provider (ive had trouble with SQL SERVER driver and VARCHAR(MAX) in the past):

Provider=SQLOLEDB;Data Source=Your_Server_Name;Initial Catalog=myDataBase;Integrated Security=SSPI;

请注意：突然改变验证可能会破坏其他的东西 - 我肯定只建议在SQL服务器上添加一个SQL凭据和使用，在您的连接字符串，而不是

NOTE: suddenly changing the authentication may break other stuff - i'd certainly just recommend adding a SQL credential on the SQL server and use that in your connection strings instead.

这篇关于经典ASP集成的安全性在连接字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！