Reputation: 9
from web.config to IIS Application Pool Identities
I'm new to IIS/ASP .Net development, my application is using connection string which are declared to my web.config.
Now I read/heard that I can use IIS App Pool Identities to use instead of web.config.
Here's what I did:
- I've deleted my connection string from my web.config
- setup my app pool Identity property -> (Identity = ApplicationPoolIdentity)
- Added my connection string declared/within the App Site Connection Strings under "Custom" like
"Data Source=sql...blah;Initial Catalog=dbname;Integrated Security=False;Persist Security Info=False;User ID=MyDBUserName;Password=MyPassword;Connect Timeout=60;Encrypt=False;Current Language=English;"
It works as far as I know, but my question is, is this really how you configure it?
I was under the impression that you could use some variable (username, pass, dbname..etc), declared it on your web.config and binds it thru your app pool identities but I cannot find any article regarding that.
Thank You
Upvotes: 1
Views: 1368
Answers (1)
Reputation: 48954
You can set the user that the app-pool runs under. All that does is make the app-pool think that the user is some particular user who is logged on to the server.
This tends to NOT effect your database code, since you STILL need to tell your code what database to use. Even if your host computer and network is say using a domain controller, and you using windows logons to consume sql server. Your .net code behind will WILL need some connection string to specify the database and server anyway. And you having added that user under app-pool identify (I assume this one):
Well, now that "user" is for your file and network rights. So, that user can say be restricted to some set of folders - maybe a another server with large number of documents.
Added my connection string declared/within the App Site Connection Strings under "Custom"
Yes, and that puts the connection string in web.config - if you check the web config after doing above, you should see that string in web.config.
So, in theory, in your code, you can connect to the database server - and your app-pool user will be used, but you STILL have a connection string - what database, what server, etc. still needs to be defined (and used in your code). I mean, say desktop with windows authentication to SQL server does not get you off the hook as having a defined connection string some place to use. While the user might be running in the context of the "defined" app-pool user, you still need some place to store and eventually use some connection string. So, the fact of defining what user in app pool the code behind will run as? You still need a connection string and the connection string you use to the database would not be stored, nor come from app-pool settings anyway.
Upvotes: 1
Related Questions
- IIS 7.5: Setting 'app pool user' as the anonymous user programmatically
- Get the Application Pool Identity programmatically
- How to programmatically set App Pool Identity on IIS 8
- asp.net web.config impersonation vs application pool identity
- Changing web.config of a web application of website
- Retrieve application pool credential
- How to set up IIS 7 application pool identity correctly?
- Set IIS Website Application to use Application Pool identity for Anonymous authentication (via code)
- Can't find IIS AppPool Identity
- IIS Application pool identity