The ASP file, Example1.asp, which Listing 1 shows, resides at the Web root of the Athens IIS server and runs a query against the Pubs database on Byzantium. Jane first logs in to the domain, then accesses the page by pointing her Web browser to the \\athens\Example1.asp URL. First, the code creates an ADO connection object named cn. The connection object uses a connection string that identifies the SQLOLEDB library, the Byzantium server, and the Pubs login database. The connection string's last parameter makes the connection a trusted connection. Next, the code creates a recordset from a simple SELECT statement that counts the number of records in the Authors table. The server then displays the result to the browser. Finally, the code closes and destroys the objects, releasing memory back to the OS. If the Athens computer account or the SQL Server service account have been trusted for delegation and if Jane has select permissions on Byzantium's Authors table, she will see the results of the query. If she's using Microsoft Internet Explorer (IE), the Web server won't prompt her for login credentials. The user's login credentials are passed transparently to the Web server. (If she isn't using IE, the Web server will prompt her for login credentials.)
Secure, Flexible Authentication
Data security is an important responsibility for all IT professionals. As the collection of personal, business, and national securityrelated data becomes more common, organizations will expect database developers and administrators to provide tighter security without incurring extra management tasks. By using account delegation, SQL Server professionals finally can phase out SQL Server authentication in favor of the more secure and easily managed Windows authentication.
End of Article
Prev. page
1
2
[3]
next page -->
