what is integrated security in connection string in asp.net

what is integrated security in con开发者_开发技巧nection string in asp.net.

It uses the Windows account information from the ASP.NET AppDomain itself; usually NetworkService

To expand on above answer, it uses whatever account the application is running under.

Windows app: The user that is logged in.

Web Application: The user the site is running under (Not the application pool user). At least that is what we have seen and when using integrated security we create a domain service account, then set site to run under that account. Never have had to change account AppPool runs under. So for web apps it all depends on server and how site is setup.

This allows your connection string to be more secure since you do not have any user credentials in connection string. Your SQL database must be setup for Windows authentication or both SQL & Windows authentication