Functions of the integrated security and persist Security info parameters in the ADO database connection

Integration SECURITY = sspi in SQL connection statements

Solution:

Security Support Provider Interface

When the value of integrated security is set to true, the user ID in front of the connection statement PW does not work, that is, the Windows Authentication mode is used.

The connection is based on userid and PW only when it is set to false or this item is omitted.

Integrated security can be set to: True, false, yes, no. The four values are clear and can also be set to: sspi, which is equivalent to true. We recommend that you use this instead of true.

What is the difference between initial catalog and database?

Initial catalog:

Database:

There is no difference between the two, but the names are different, just like the real names of humans and old names .. Can call you.

**************************************** ****

Integrated Security = sspi indicates that the current Windows system user logs on to the SQL Server server. If the SQL Server server does not support this method, an error occurs.

You can use the username and password of SQL Server to log on, for example:

"Provider = sqloledb.1; persist Security info = false; initial catalog = database name; daTa source = 192.168.0.1; user id = sa; Password = password"

**************************************** ***********

If the value of integrated security-or-trusted_connection 'false' is false, the user ID and password are specified in the connection. If this parameter is set to true, the current Windows Account creden。 are used for authentication. The identifiable values are true, false, yes, no, and sspi equivalent to true (strongly recommended ).

**************************************** *********

The persist Security info attribute indicates whether to save the security information. In fact, it can be simply understood as "whether to save the password information after the database connection is successful ",

True indicates saving, false indicates not saving

ADO is true by default.
(The default value of ado.net is false. It is not tested, as described in reference)

You can verify the connection string attribute of the Connect object of ADO as follows (the test passes in Delphi7 ):

Bytes ----------------------------------------------------------------------------------------------------------

Before database connection

Connectstring = "provider = msdaora.1; Password = mypassword; user id = yzs; Data Source = ydgl22;Persist Security info = false"

After the database is connected successfully

Connectstring = "provider = msdaora.1; user id = yzs; Data Source = ydgl22"

Bytes ----------------------------------------------------------------------------------------------------------

Before database connection

Connectstring = "provider = msdaora.1; Password = mypassword; user id = yzs; Data Source = ydgl22;Persist Security info = true"

After the database is connected successfully

Connectstring = "provider = msdaora.1;Password = mypassword; User id = dlyx; Data Source = ydgl22"

Bytes ----------------------------------------------------------------------------------------------------------

Generally, if you do not need a password after the database is successfully connected, we recommend that you set persist Security info to false for security reasons, to prevent the backdoor program from getting the database connection password (this problem occurred before SP1 in Windows2003 ).