在IIS上,应用程序无法打开SQL连接
[英]Application cannot open SQL connection when on IIS
问题描述
I have a connection string that looks like this: 
我有一个如下所示的连接字符串:
Server=.;Database=mydbname;Trusted_Connection=True;
This works fine when i run/debug my application using Visual Studio (IIS Express) but after deployment over IIS-8 it throws me an exception while opening connection that: 当我使用Visual Studio(IIS Express)运行/调试我的应用程序时,这可以正常工作,但在IIS-8部署后,它会在打开连接时抛出异常:
Login failed for user 'IIS APPPOOL\\mysite'.
I am very confused why this is happening why IIS is adding its user in the middle when the database doesnt require one and why this is not happening with IIS Express ? 我很困惑为什么会发生这种情况为什么IIS在数据库不需要的时候在中间添加用户以及为什么IIS Express不会发生这种情况?
3 个解决方案
解决方案1
7 已采纳 2013-12-21 21:23:52
You're using Trusted_Connection=True and thus the user ApplicationPoolIdentity or IIS APPPOOL\\mysite is supplied to SQL server. 您正在使用Trusted_Connection=True ,因此用户ApplicationPoolIdentity或IIS APPPOOL\\mysite将提供给SQL Server。
Option 1. Give permissions to IIS APPPOOL\\mysite in SQL server. 选项1.为SQL Server中的IIS APPPOOL\\mysite授予权限。
Option 2. Use User Id=User_Id;Password=****** instead of Trusted_Connection=True 选项2.使用User Id=User_Id;Password=******而不是Trusted_Connection=True
解决方案2
5 2013-12-21 21:25:31
This is occurring because you have asked for the connection to be made using a trusted connection, which means that the operating system user that the code is being executed as will be the one connecting to the database. 发生这种情况的原因是您要求使用可信连接建立连接,这意味着正在执行代码的操作系统用户将是连接到数据库的用户。
In the case of IIS, the operating system user is usually defined in the IIS Application Pool unless you have specified impersonation to be used in web.config. 对于IIS,操作系统用户通常在IIS应用程序池中定义,除非您已指定要在web.config中使用的模拟。
By default (in order to prevent security issues), the default identity used for IIS Application Pools has a very limited capability. 默认情况下(为了防止出现安全问题),IIS应用程序池使用的默认标识功能非常有限。 Depending on your configuration (where SQL server is in relation to IIS (same machine, different machines), you may need to either specify a different identity for the app pool and/or you may need to grant authority to access SQL Server to the app pool identity. 根据您的配置(SQL服务器与IIS相关的位置(相同的计算机,不同的计算机),您可能需要为应用程序池指定不同的标识和/或您可能需要授予访问SQL Server到应用程序的权限池身份。
This Microsoft article has additional information on how to configure ASP.Net impersonation. 此Microsoft文章提供了有关如何配置ASP.Net模拟的其他信息。
We always configure our web applications to impersonate a domain user so that we can access databases and other resources on remote machines without having to affect the IIS application pool settings. 我们始终将我们的Web应用程序配置为模拟域用户,以便我们可以访问远程计算机上的数据库和其他资源,而不必影响IIS应用程序池设置。
解决方案3
1 2013-12-21 21:24:07
Having Trusted_Connection=true in the connection string will override the SQL authentication values with the IIS Identity user profile. 连接字符串中的Trusted_Connection=true将使用IIS标识用户配置文件覆盖SQL身份验证值。
Set Trusted_Connection=false 设置Trusted_Connection=false
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.