The integrated Security=sspi in C#--web.config

Source: Internet
Author: User
Tags sql using

    origin of the problem

Before the computer room toll system personal reconfiguration, the configuration file access to the database, using this way, such as:

   String= "server=localhost;database=pubs;uid=sa;password=123456"

During the two days of learning MVC, when setting up a configuration file, it was found that linking the database was another way:  

Connectionstring= "Data source= (LocalDb) \v11.0;initial catalog=aspnet-mvcmovie-20141126170450;integrated Security= SSPI; attachdbfilename=| Datadirectory|\movies.mdf "Providername=" System.Data.SqlClient "

Focus on Integrated Security=sspi this sentence, what is the difference??


    Two authentication modes for databases


Windows Authentication Mode

When installed, if you press the default action (Windows Authentication mode), SQL Server will use the current Windows account and its password as the embedded login name (BUILTIN\Administrators) and password for Windows Authentication mode. Therefore, you do not need to specify a login name and password when using Windows Authentication mode. Of course, you can also specify a different Windows account as the embedded login name in Windows Authentication mode, and then follow the prompts to modify it. Windows Authentication mode only allows connections in Windows Authentication mode, even if SQL Server mode is selected in SSMs, which can cause a connection failure.

Mixed Authentication Mode

If you select mixed mode during installation, you must specify a password for the sa login, which adds a login for SQL Server authentication.

two different ways

Windows authentication is more secure than mixed mode, and when using this connection mode, SQL Server authenticates only based on the user's Windows permissions, which we call "trusted connections," but cannot be logged on remotely due to ntml authentication.
Mixed-mode validation is more complex when a local user accesses SQL using Windows Authentication to establish a trust connection, and when a remote user accesses the SQL Server authentication because of a failure to pass Windows authentication (a user with SA can also log on to SQL) to establish an "untrusted connection". This allows remote users to log on as well.
Accurately, hybrid authentication mode, which is based on Windows authentication and SQL Server identity hybrid authentication. In this mode, the system will determine whether the account is trusted under the Windows operating system, for trusted connections, the system is directly using Windows Authentication mechanism, not the trusted connection, which not only includes remote users but also local users, SQL Server is automatically verified by the existence of the account and the matching of the password.

Common understanding misunderstanding

The Windows Authentication mode and SQL Server authentication mode logins, which differ in permissions, are incorrect. The difference between these two authentication methods is not the permissions. And no one who has high authority, who has low authority to say. Regardless of the default logon name for Windows authentication, the SQL Server-like SA, or another login that you added yourself, you have permission to operate on the database and the table that is set for that login in SQL Server.



intergrated Security =sspi

SSPI: Security Support Provider Interface (Microsoft Security Provider Interface), which defines a more comprehensive public API for integrated security services such as authentication, information integrity, information privacy, and security-related services for all distributed application protocols.

===========================================
Integrated Security Authentication method
When False, a user ID and password are specified in the connection.
When True, the current Windows account credentials are used for authentication.
The recognized values are true, False, Yes, no, and SSPI that is equivalent to true.

============================================


     Summary

to ensure that the security recommendations of the database use Windows Authentication mode whenever possible, Windows authentication uses a series of encrypted messages to authenticate users in SQL Server. When you log on using SQL Server, SQL Server logins and passwords are passed over the network, which reduces their security.


The integrated Security=sspi in C#--web.config

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.