Pro: simple.
Cons: password in web.config; have to specifically configure SQL Server ID.
- Connect via user NT ID via ASP.NET impersonation.
Pro: no passwords in web.config; fine-grained control of security per user.
Cons: administrative overhead of configuring user accounts in SQL Server; SQL Server monitoring of application is scattered across many accounts.
- Run ASP.NET as a custom NT ID, and have that NT ID configured in SQL Server.
Pros: connecting to SQL Server as one ID - simple; no passwords in web.config.
Cons: complicated from a security perspective. Have to configure custom SPNs in Active Directory for Kerberos authentication.
No comments:
Post a Comment