How do you secure ASP.NET applications that pull data from SQL Servers? My developers are putting the username and password in the web.config. We can't use Windows Authentication because the Web servers are in a different domain than the SQL Servers and there is no trust established between the domains. Do have a better solution for this?
You can use synchronized accounts between the two servers, then use Windows Authentication as normal. The accounts do not have to be in the same domain but they do have to have the same username and password. Just create a local account on the Web server with the same password as the local account on the SQL Server with the same username.
Dig deeper on SQL Server Security
When encrypting SQL tables that have joins in SQL Server 2000, learn about possible problems that may arise with different data values in those ...continue reading
Learn how to set a SQL Server password to an SA login and why you can not set this account for access to separate SQL Server databases.continue reading
Get the code to connect SQL Server version 7.0 to Visual Basic 6.0.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.