问题描述
如果连接字符串使用 SQL Server 身份验证模式指定 Trusted_Connection=true
,我的 Web 应用程序的性能会受到影响吗?
不是 100% 确定你的意思:
Trusted_Connection=True;
是使用 Windows 凭据并且 100% 等同于:
集成安全=SSPI;
或
集成安全=true;
如果您不想使用集成安全/可信连接,则需要在连接字符串中明确指定用户 ID 和密码(并省略对 Trusted_Connection
或 Integrated 的任何引用安全
)
server=yourservername;database=yourdatabase;user id=YourUser;pwd=TopSecret
仅在这种情况下,使用 SQL Server 身份验证模式.
如果存在这两个设置中的任何一个(Trusted_Connection=true
或 Integrated Security=true/SSPI
),则 Windows 凭据当前用户用于针对 SQL Server 进行身份验证,并且任何 user iD=
设置都将被忽略并且 not 被使用.
有关参考,请参阅 SQL Server 2005 的 连接字符串站点,其中包含大量示例和解释.
使用 Windows 身份验证是首选和推荐的做事方式,但它可能会导致轻微延迟,因为 SQL Server 必须针对 Active Directory 对您的凭据进行身份验证(通常).我不知道这种轻微的延迟可能会有多少,也没有找到任何参考资料.
总结:
如果您在连接字符串中指定 Trusted_Connection=True;
或 Integrated Security=SSPI;
或 Integrated Security=true;
p>
==> THEN(并且只有在那时)您才会发生 Windows 身份验证.连接字符串中的任何 user id=
设置都将被忽略.
如果您不指定其中任何一个设置,
==> 那么您不要进行 Windows 身份验证(将使用 SQL 身份验证模式)
If a connection string specifies Trusted_Connection=true
with SQL Server authentication mode, will performance of my web application be impacted?
Not 100% sure what you mean:
Trusted_Connection=True;
IS using Windows credentials and is 100% equivalent to:
Integrated Security=SSPI;
or
Integrated Security=true;
If you don't want to use integrated security / trusted connection, you need to specify user id and password explicitly in the connection string (and leave out any reference to Trusted_Connection
or Integrated Security
)
server=yourservername;database=yourdatabase;user id=YourUser;pwd=TopSecret
Only in this case, the SQL Server authentication mode is used.
If any of these two settings is present (Trusted_Connection=true
or Integrated Security=true/SSPI
), then the Windows credentials of the current user are used to authenticate against SQL Server and any user iD=
setting will be ignored and not used.
For reference, see the Connection Strings site for SQL Server 2005 with lots of samples and explanations.
Using Windows Authentication is the preferred and recommended way of doing things, but it might incur a slight delay since SQL Server would have to authenticate your credentials against Active Directory (typically). I have no idea how much that slight delay might be, and I haven't found any references for that.
Summing up:
If you specify either Trusted_Connection=True;
or Integrated Security=SSPI;
or Integrated Security=true;
in your connection string
==> THEN (and only then) you have Windows Authentication happening. Any user id=
setting in the connection string will be ignored.
If you DO NOT specify either of those settings,
==> then you DO NOT have Windows Authentication happening (SQL Authentication mode will be used)
这篇关于使用 Trusted_Connection=true 和 SQL Server 身份验证时,这会影响性能吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!