Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
sreehari
Starting Member
37 Posts |
 Posted - 2006-05-23 : 07:02:15
|
| Hi guysI would like to know which authentication mode is secured?winows or SQL Server? whyThanks in advance. |
|
|
CSK
Constraint Violating Yak Guru
489 Posts |
Posted - 2006-05-23 : 07:26:32
|
| i refer SQl server.In windows authentication mode; there is no user required.we can't set the rights to databasein sql server we can , in sa sa mode all users are acceesing the database (i mean insert,update & delete)but we have to restrict the user through sql server mode.in windows authentication mode we can'tThanksKK |
 |
|
|
jen
Master Smack Fu Yak Hacker
4110 Posts |
Posted - 2006-05-23 : 10:27:24
|
you can actually set the permissions you just stated in windows authentication and much more... connection strings are much simpler from the apps because they connect using trusted connection, the password renewal is handled by windows osmanagement and security becomes simpler, and you can't use the connection credentials unless you're logged into the domain my answer: windows authentication--------------------keeping it simple... |
|
|
|
cmdr_skywalker
Posting Yak Master
159 Posts |
Posted - 2006-05-23 : 14:02:31
|
| Windows is good for internal database. But once you deploy that to the customers site (i.e. if your an ISV), it becomes a concern since you don't have control over OS users and they migh have access to your schema, codes, etc. Check where you want to deploy the database. Use windows in a corporate database. For an app database to be deployed to client, I suggest to use sql.May the Almighty God bless us all! |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2006-05-23 : 14:22:03
|
quote:
Originally posted by CSK
i refer SQl server.In windows authentication mode; there is no user required.we can't set the rights to databasein sql server we can , in sa sa mode all users are acceesing the database (i mean insert,update & delete)but we have to restrict the user through sql server mode.in windows authentication mode we can'tThanksKK
None of this is true. Windows Authentication is the preferred method for authenticating your users to the database. Windows Authentication is much more secure. Use Windows Authentication wherever you can. We are unable to use it in our environment though due to the firewall that sits in between the front and back DMZ. They just won't let us open it up enough to set up a trust relationship between the two domains, so Windows Authentication is out for us.Tara Kizeraka tduggan |
|
|
|
jen
Master Smack Fu Yak Hacker
4110 Posts |
Posted - 2006-05-23 : 21:03:40
|
| if you're apps is web-based then you may need more than windows authentication, in my previous engagement, we actually used a windows account from the webserver connecting to the sql server provided that the webserver is dedicated to that apps, otherwise sql login is used and proper authentication via the apps were implementedfor specific access, you can restrict to the bare minimum that will not compromise or make your schema transparent like exec only only on sprocs or usage of views...--------------------keeping it simple... |
|
|
|
|
|
|
|
|
Secured authentication mode