Integrated Security ASP.NET MVC - user account or pool application user

18 views Asked by At

We are wondering what is the best approach to do integrated security.

  1. Create an user per application, for user we assign active directory group that give access to database, we assign user to application pool, it's the user that connect to SQL.

  2. We assign active directory group that give access to database to real user accounts. We use user account to connect to the database.

We try both ways - we just wonder what is the best approach.

We think that using the user per application is the best approche, because by user account, we see that in excel the user would be able to connect to database.

Is there a way to configure securit so that access to database will be available pas iis machine.

0

There are 0 answers