sql server身份验证和Windows身份验证有什么区别...是否有使用每种身份验证的具体情况?
MrT*_*lly 24
SQL Server有自己的内置安全系统,涵盖登录和角色.这与Windows用户和组分开且并行.您可以只使用SQL安全性,然后所有管理都将在SQL Server中进行,并且这些登录和Windows用户之间没有任何关联.如果您使用混合模式,那么Windows用户就像SQL登录一样对待.
每种方法都有许多功能 -
1)如果你想使用连接池你必须使用SQL登录,或者所有人共享相同的Windows用户 - 不是一个好主意.
2)如果您想跟踪特定用户正在做什么,那么使用Windows身份验证是有意义的.
3)使用Windows工具管理用户比SQL强大得多,但两者之间的链接很脆弱,例如,如果删除Windows用户,则SQL中的相关数据不会更新.
小智 16
SQL Authentication
SQL Authentication is the typical authentication used for various database systems, composed of a username and a password. Obviously, an instance of SQL Server can have multiple such user accounts (using SQL authentication) with different usernames and passwords. In shared servers where different users should have access to different databases, SQL authentication should be used. Also, when a client (remote computer) connects to an instance of SQL Server on other computer than the one on which the client is running, SQL Server authentication is needed. Even if you don't define any SQL Server user accounts, at the time of installation a root account - sa - is added with the password you provided. Just like any SQL Server account, this can be used to log-in localy or remotely, however if an application is the one that does the log in, and it should have access to only one database, it's strongly recommended that you don't use the sa account, but create a new one with limited access. Overall, SQL authentication is the main authentication method to be used while the one we review below - Windows Authentication - is more of a convenience.
Windows Authentication
When you are accessing SQL Server from the same computer it is installed on, you shouldn't be prompted to type in an username and password. And you are not, if you're using Windows Authentication. With Windows Authentication, the SQL Server service already knows that someone is logged in into the operating system with the correct credentials, and it uses these credentials to allow the user into its databases. Of course, this works as long as the client resides on the same computer as the SQL Server, or as long as the connecting client matches the Windows credentials of the server. Windows Authentication is often used as a more convenient way to log-in into a SQL Server instance without typing a username and a password, however when more users are envolved, or remote connections are being established with the SQL Server, SQL authentication should be used.
理想情况下,在 Intranet 类型的环境中工作时必须使用 Windows 身份验证。
而 SQL Server 身份验证可用于所有其他类型的情况。
这是一个可能有帮助的链接。
| 归档时间: |
|
| 查看次数: |
96180 次 |
| 最近记录: |