IM both of them being hosted on the same server to host my site and db using a shared hosting company Are there.
To reach DB I am supplying the user id and password in the connection string within web configuration.
It just makes me uncomfortable.
Am I the way to avoid passing uraid / web.config connection string?
You can switch to OS authentication:
data Source = myServerAddress; Initial Catalog = myDataBase; Integrated Security = SSPI;
In this case access to grant DB account runs under your site or, just in web.config.
Update: I'm not sure how this is happening in the hosting environment (the hoster should ask some common questions), but if your server is dedicated and you have your own SQL Server has administrative privileges, such as you can create a login
AUTHORITY \ NETWORK SERVICE] login from Windows [NT AUTHORITY \ NETWORK SERVICE] for login [NT AUTHORITY] \ NETWORK SERVICE] exec sp_addrolemember 'db_datareader', [NT AUTHORITY \ NETWORK SERVICE] In the application pool in IIS There is an account to run under which I Network Service is the default for IIS 6.0, but if the server is shared, then you probably have a custom account (providing access to network services on shared servers, your DB The network will open for any service running under the service).
Comments
Post a Comment