none
ASP.NET secure connection? RRS feed

  • Question

  • Hello,

     

    I'm creating a sort of intranet-application using ASP.NET(C#). It gets data from a SQL-server using ADO.NET. All the domain users should have the permission to use the application. What I've done is I mapped all users to the right database and gave them SELECT-permission(using datareader-role).This way, I can use Windows-authentication to the SQL-server so no paswords are embedded in my connectionstring. 

     

    Is this a secure and good solution? 

    This is the link I used: http://www.codeguru.com/csharp/.net/net_security/authentication/article.php/c7725

    Sunday, November 14, 2010 4:13 PM

Answers

  • Yes it is secure as long as you do not grant unnecessary permissions to the user/user groups... though it is not the fastest way to access the server if the database is in the other side of the world (read: multinational companies).

    The following is signature, not part of post
    Please mark the post answered your question as the answer, and mark other helpful posts as helpful, so they will appear differently to other users who are visiting your thread for the same problem.
    Visual C++ MVP
    • Marked as answer by liurong luo Monday, November 22, 2010 1:55 AM
    Sunday, November 14, 2010 6:02 PM