Is this scenario supported?

20 Jul 2005 8:00 PM

me

Have an ASP.Net web application which needs to:

1) access an SQL server database (not a local server)
2) restrict access to the web application to a set of users

We'd like to configure the web application to access the database using a
single, specific account and an Application Pool. Easy. Done. Works.

How do we go about restricting access to the web application? Nothing we've
tried works. For example, if we restrict access to the set of users in the
authorization section of the web.config....nobody can access the pages.

Done a lot of reading and we're pretty confused at this point...please help.

21 Jul 2005 7:15 AM

Bernard Cheah [MVP]

You can configure IIS authentication, and further restrict file access via
NTFS permissions. refer
How To Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/?id=324274
How To Use NTFS Security to Protect a Web Page Running on IIS 4.0 or 5.0
http://support.microsoft.com/?id=299970

--
Regards,
Bernard Cheah
http://www.microsoft.com/iis/
http://www.iiswebcastseries.com/
http://www.msmvps.com/bernard/

Show quoteHide quote

"me" <m*@discussions.microsoft.com> wrote in message
news:E0362192-12C7-4D8D-96A2-28C938FFDFBC@microsoft.com...
> Have an ASP.Net web application which needs to:
>
> 1) access an SQL server database (not a local server)
> 2) restrict access to the web application to a set of users
>
> We'd like to configure the web application to access the database using a
> single, specific account and an Application Pool. Easy. Done. Works.
>
> How do we go about restricting access to the web application? Nothing
> we've
> tried works. For example, if we restrict access to the set of users in the
> authorization section of the web.config....nobody can access the pages.
>
> Done a lot of reading and we're pretty confused at this point...please
> help.