This documentation is archived and is not being maintained.

Using SQL Server in Web Applications

Visual Studio .NET 2003

To use a SQL server database, configure the security settings of your project to work with Integrated Security. To do this, turn off anonymous access and turn on impersonation, as indicated in the following procedure.

To configure Integrated Windows authentication

  1. Turn off the Anonymous Access in the Internet Services Manager using the following steps:
    1. Start the Internet Information Services tool. It can be run from the Administrative Tools from Control Panel.
    2. Expand the node for your server.
    3. Right-click the Default Web Site node and choose Properties from the shortcut menu.
    4. Click the Directory Security tab.
    5. Click the Edit button in the Anonymous access and authentication control section.
    6. Clear the Anonymous Access check box.
    7. Make sure that Integrated Windows authentication check box is selected.
  2. In your Visual Studio project, double-click the Web.config file in Solution Explorer to display the XML code, and make the following changes:
    1. Change the following line:

      <authentication mode="None" />


      <authentication mode="Windows" />

    2. Insert the following line after the tag <System.Web>:

      <identity impersonate="true" />

To run the walkthrough on a terminal server

  • In addition to changing the Web.config file as specified above, to run the walkthrough on a terminal server, you must have an administrator account on that terminal server so that you can change the Internet Services Manager anonymous access on the server.
Note   To learn about the security issues associated with Web Forms, see Overview of Web Application Security Threats.

See Also

IIS Authentication | ASP.NET Authentication | Access Permissions for Web Applications | Database Security | Security Model