I'm running the PTWin project. After clicking "OK" on the login box I get:
{"DataPortal.Fetch failed (System.Data.SqlClient.SqlException: The user instance login flag is not supported on this version of SQL Server. The connection will be closed.
I'm using the full SQL Server 2005 database engine. I've attached the database files and tried changing the connection strings in App.config but it still doesn't work.
Does anyone know what's going on?
Thanks.
Turns out I have to supply the userID and Password ("pm") right in the connection strings like this:
<
connectionStrings><
add name="PTracker"connectionString="Data Source=.\SQLSERVER2005;Initial Catalog = CSLA_PTRACKER;Integrated Security=False;UID="pm";PWD="pm""providerName="System.Data.SqlClient" />
<add name="Security"
connectionString="Data Source=.\SQLSERVER2005;Initial Catalog = CSLA_SECURITY;Integrated Security=False;UID="pm";PWD="pm""providerName="System.Data.SqlClient" />
</connectionStrings>
But this is not very secure as the password is now in plain text in the App.config file. Is there any way around this?
Thanks.
RockfordLhotka:It sounds like you didn't successfully change the config settings, because that message means the conn string still says to use SQL Express...
Well, you can either connect to SQL Server using integrated
security or SQL security. In your case you’ve set up the db to use SQL
security, so it requires that you provide a SQL username and password. If you
switch to integrated security it will use the Windows security token of the
process that’s contacting the database.
There are many, many issues around both of these security
models. Each has strengths and weaknesses, and the right answer varies
depending on your environment, security needs, and so forth. You should do some
research on database connection security – probably on MSDN, but I’m
sure many books on programming apps using databases cover the options as well.
Microsoft recommends integrated security, but it does have its
drawbacks, so educate yourself first.
Also, it is possible (at least with web.config) to encrypt the
<connectionStrings> region of the config file. I don’t know for
sure if that can be done for Windows apps. But that may be an option for you as
well.
Rocky
Copyright (c) Marimer LLC