I've been developing a site using ASP.NET MVC, and have decided to use the new SQL Server 2008 FILESTREAM facility to store files 'within' the database rather than as separate entities. While initially working within VS2008 (using a trusted connection to the database), everything was fine and dandy. Issues arose, however, when I shifted the site to IIS7 and changed over to SQL authentication on the database.
It seems that streaming a FILESTREAM doesn't work with SQL authentication, only with Windows authentication. Given this, what is the best practice to follow?
Is there a way to force this sort of thing to work under SQL authentication?
Should I add NETWORK SERVICE as a database user and then use Trusted authentication?
Should I create another user, and run both the IIS site and the database connection under this?
Any other suggestions?
Take a look at this article. I don't know a whole lot about FileStreaming and security, but there are a couple of interesting options in the FileStreaming setup such as allowing remote connections and allow remote clients to access FileStreaming
Related
Testing SQL queries with large datasets against Azure SQL server may be costly, so it is better for me to test my code against a local server. I would like to create a new local server with "SQL Server authentication" rather than "Windows authentication", and I would like to keep my default local server that uses Windows authentication.
In lack of better phrasing:... is it "common" to have multiple SQL servers with different authentication methods on the same Windows-10 pc ?
If it is "straight-forward" to do this, then please share "how-to", or share better jargon for web searches. I did not find much information on this when googling "create new local server with sql server authentication"
As you may easily catch from the text: I'm not an IT expert...
Yes, you can use at an instance and solely your will to provide the accesses.
where you can use Windows Authentication mode and mixed mode.
More information about Windows Authentication may be found at: Connecting Using Windows Authentication.
We may utilize SQL Server Authentication to solve your problem by passing the user name and password.
I want to deploy my web application including a SQL Server 2008 database from my local machine to my hoster.
So far I used the Windows authentication, is it necessary to switch to username and password when I want to make my application public on the internet?
And if that's the case, what's the best practice to hide that information if they are saved as strings in the web.config?
Side note: I use Linq to Entities as Object Mapper and within the code I use
HttpContext.Current.User to authenticate the user
If you are not using shared hosting, then you can keep using windows authentication which is more secure than having SQL server user.
You should also disable remote connections so that no one can directly access SQL server to make it more secure.
For encrypting connection string check this site.
The solution consists of an SQL Database and desktop application working hard with that DB. DB Deployed as Azure SQL Database, application running on Azure Virtual Machine with Windows Server onboard. What is the deployment guidelines for this two services in Azure? I want to achieve max performance. Should they both be located in same resource group?
You will need to get your app and the database located as close as possible so yes the same resource group.
Make sure you do not have Mars enabled (MultipleActiveResultSets in connection string).
Make sure you do use connection pooling.
Read this to understand what you are dealing with:
https://www.simple-talk.com/sql/learn-sql-server/improving-the-quality-of-sql-server-database-connections-in-the-cloud/
Ed
I am trying to find code examples of:
1. Remote MVC App on IIS
2. Data is on the customers SQL Server and on the windows domain they are using their web browser from.
I have a MVC app that works well with IIS and SQL Server being on the same domain.
However, I am trying to figure out how to extend the MVC App to multiple customers by hosting the site on a remote IIS server and having the remote MVC application on IIS query the customers SQL Server database.
I am comfortable with MVC, Entity Framework, & SQL Server but have had a hard time finding examples for this scenario.
You can certainly change the connection string of your application to work with any remote SQL Server instance you please. Obviously being outside the domain poses some additional challenges and security risks that you should consider, however, to get them talking to each other you can simply specify the server address in your connection string like so:
Data Source=192.168.10.1,1433;Network Library=DBMSSOCN;Initial Catalog=myDataBase;User ID=myUsername;Password=myPassword;
The Network Library parameter forces the use of TCP/IP as a network protocol. Note that the customer will have to set up a SQL Server Authentication user on their database to simplify this scenario - using a trusted connection will be impossible unless you integrate your Windows domains, which could be a significant amount of work for little benefit.
I want to allow a user to provide their SQL login credentials, and display local SQL tables, stored procs, etc. in a listing. Is this possible? Note: I do not want to install some local, small SQL variant. I'm talking about the full version of SQL 2005+ that's already sitting on a developer's workstation.
Silverlight provides no mechanism for connecting to a SQL Database directly. You either need to provide a set of web services to interface with your data source or use ADO.NET Data services.
Connecting to a local SQL database using Silverlight alone isn't possible.
Something I almost missed is that you don't want to connect back to a database on the web server. You want information about a possible sql server instance on the user's (developer's) local machine. That isn't possible from within Silverlight alone.
I had thought you might be able to send the credentials on to the web server, have it dynamically generate a connection string, and then use the information_schema views to return lists of tables and views like any other data source. But that won't work.
However, in that scenario the web server is essentially acting as a proxy for your silverlight app. You might be able to build something else to act a proxy instead. Perhaps a small clickonce winforms app. That would install from a web page via hyperlink, so you could craft a link to install it on the page hosting your silverlight app.
With silverlight you cannot access the local machine/network resources. you will need to use wpf/xbap.