连接远程SQL Server数据库的经典ASP问题
我有一个经典的 ASP 应用程序,我正在尝试连接到另一台服务器上的 SQL Server 2008 数据库.ASP 应用程序由 Windows Server 2008 上的 IIS7 提供服务.
我已将网站的应用程序池更改为在特定的 Windows 帐户下运行,我已验证可以访问远程服务器上的数据库.
但是,当我在浏览器中运行该应用程序时,出现此错误:
<前>应用程序错误编号:-2147217843 (0x80040E4D)来源:Microsoft OLE DB Provider for SQL Server描述:用户NT AUTHORITYANONYMOUS LOGON"登录失败.为什么它尝试使用 NT AUTHORITYANONYMOUS LOGON 进行连接?应用池标识是否不适用于经典 ASP 代码?我怎样才能以特定用户的身份进行连接?
编辑
这是我使用的连接字符串:
<块引用>Provider=SQLOLEDB.1;Data Source=myDbServer;Initial Catalog=myDatabase;Integrated Security=SSPI
解决方案对于使用经典 ASP 的应用程序池标识的站点,您需要更改用于匿名身份验证的凭据.默认情况下,站点将设置为使用特定用户,即 IUSR.
从您站点的 IIS 区域中选择身份验证,然后选择匿名身份验证,然后选择编辑.从特定用户更改为应用程序池标识.
建议使用 Windows 身份验证(集成安全性)而不是 SQL 身份验证,这样您的配置文件中就没有凭据,这样如果这些文件遭到破坏,您就不会失去对凭据的控制.
I have a classic ASP app that I am trying to connect to a SQL Server 2008 database on a different server. The ASP app is being served from IIS7 on Windows Server 2008.
I have changed the web site's application pool to run under a specific windows account, that I have verified has access to the database on the remote server.
However, when I run the app in the browser, I get this error:
Application Error Number: -2147217843 (0x80040E4D) Source: Microsoft OLE DB Provider for SQL Server Description: Login failed for user 'NT AUTHORITYANONYMOUS LOGON'.
Why is it trying to connect using NT AUTHORITYANONYMOUS LOGON? Does the App pool identity not apply to classic ASP code? How can I make this connect as a specific user?
EDIT
Here is the connection string I am using:
Provider=SQLOLEDB.1;Data Source=myDbServer;Initial Catalog=myDatabase;Integrated Security=SSPI
解决方案
For a site to use the application pool identity for classic ASP, you need to change the credentials used for Anonymous Authentication. By default, the site will be set to use a specific user, namely IUSR.
Select Authentication from the IIS area of your site, then select Anonymous Authentication followed by Edit. Change from Specific user to Application pool identity.
It's advisable to use Windows authentication (integrated security) over SQL authentication so that you don't have credentials in your config files so that if those files are compromised, you don't lose control of the credentials.
相关文章