Ask the Expert

How to secure ASP.NET applications that pull data from SQL Servers

How do you secure ASP.NET applications that pull data from SQL Servers? My developers are putting the username and password in the web.config. We can't use Windows Authentication because the Web servers are in a different domain than the SQL Servers and there is no trust established between the domains. Do have a better solution for this?

    Requires Free Membership to View

You can use synchronized accounts between the two servers, then use Windows Authentication as normal. The accounts do not have to be in the same domain but they do have to have the same username and password. Just create a local account on the Web server with the same password as the local account on the SQL Server with the same username.

This was first published in January 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: