为什么从客户端计算机通过浏览器连接到网站时 IIS7 被阻止访问我的数据库?
Why is IIS7 blocked from accessing my database when connecting to a website via a browser from a client machine?
当我从同一台机器访问该网站时,IIS 处于 运行 状态,我可以连接到数据库,但如果我尝试远程访问它,则无法连接。我设法让它连接的唯一方法是当我指定物理路径凭据时:
click to open image
这对我不起作用,因为我在查询数据库时使用用户名作为搜索条件,这样我总是得到相同的用户名(我在物理路径凭据中指定的用户名)。
我很困惑,因为在本地和远程访问网站时,我使用相同的凭据,但得到的结果不同。
这是尝试远程访问站点时抛出的异常:
ByNadexLoginSystem.Exception: System.Exception:
'SelectDataObject()' failed --->
System.Data.SqlClient.SqlException: A network-related or
instance-specific error occurred while establishing a connection to
SQL Server. The server was not found or was not accessible. Verify
that the instance name is correct and that SQL Server is configured to
allow remote connections. (provider: Named Pipes Provider, error: 40 -
Could not open a connection to SQL Server) --->
System.ComponentModel.Win32Exception: Access is denied --- End of
inner exception stack trace
我已尝试添加文件夹权限,如下所示:
ASP.NET Application page not working on clients computers 没有任何成功。
SQL 服务器配置为允许远程连接。
我确定这是一个权限问题,我只是找不到位置。有什么想法吗?
我找到了我的问题的解决方案,我想感谢 Sean Lange. Thanks to his question it gave me a line of investigation to follow. While going through msdns documentation here https://msdn.microsoft.com/en-us/library/bsz5788z.aspx 我找到了这个:
If SQL Server is on a different computer than the Web server, the
Windows identity must be able to flow across the network to the remote
instance of SQL Server. (Windows networks that have been configured
appropriately with Kerberos authentication are able to do this.)
However, depending on the settings in the identity configuration
element, the Windows identity established on the operating system
thread for ASP.NET applications may not be able to flow properly to
the remote SQL Server.
In IIS, only Basic Authentication logs users on with a security token
that flows across the network to a remote SQL server. By default,
other IIS security modes used in conjunction with the identity
configuration element settings will not result in a token that can
authenticate to a remote SQL Server.
启用模拟和基本身份验证(禁用 Windows 身份验证)解决了问题!
当我从同一台机器访问该网站时,IIS 处于 运行 状态,我可以连接到数据库,但如果我尝试远程访问它,则无法连接。我设法让它连接的唯一方法是当我指定物理路径凭据时:
click to open image
这对我不起作用,因为我在查询数据库时使用用户名作为搜索条件,这样我总是得到相同的用户名(我在物理路径凭据中指定的用户名)。
我很困惑,因为在本地和远程访问网站时,我使用相同的凭据,但得到的结果不同。
这是尝试远程访问站点时抛出的异常:
ByNadexLoginSystem.Exception: System.Exception: 'SelectDataObject()' failed ---> System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) ---> System.ComponentModel.Win32Exception: Access is denied --- End of inner exception stack trace
我已尝试添加文件夹权限,如下所示: ASP.NET Application page not working on clients computers 没有任何成功。
SQL 服务器配置为允许远程连接。
我确定这是一个权限问题,我只是找不到位置。有什么想法吗?
我找到了我的问题的解决方案,我想感谢 Sean Lange. Thanks to his question it gave me a line of investigation to follow. While going through msdns documentation here https://msdn.microsoft.com/en-us/library/bsz5788z.aspx 我找到了这个:
If SQL Server is on a different computer than the Web server, the Windows identity must be able to flow across the network to the remote instance of SQL Server. (Windows networks that have been configured appropriately with Kerberos authentication are able to do this.) However, depending on the settings in the identity configuration element, the Windows identity established on the operating system thread for ASP.NET applications may not be able to flow properly to the remote SQL Server.
In IIS, only Basic Authentication logs users on with a security token that flows across the network to a remote SQL server. By default, other IIS security modes used in conjunction with the identity configuration element settings will not result in a token that can authenticate to a remote SQL Server.
启用模拟和基本身份验证(禁用 Windows 身份验证)解决了问题!