G
Guest
The Microsoft .NET Compact Framework Core Reference recommends at every turn
that programmers should use Windows Integrated Authentication (WIA) for
database access. No example connection strings are provided, but an MSDN
article, "Smart Device Projects/Using System.Data.SqlClient" states that the
connection string must include "Integrated Security=SSPI" as well as the
userid and domain\password. The UID/password requirement makes sense in the
context of a pocket PC since users generally don't have to log in to them. I
want to assume the the obvious... that the Pocket PC Creates the WIA token
and the the token is what gets sent over the WLAN. I work in a hospital
environment where federal HIPPA regulations apply and I can't assume
anything. I need to hear from an authority that, assuming an unencrypted
communications environment, that the token, not the users password is what
goes out over the air waves.
that programmers should use Windows Integrated Authentication (WIA) for
database access. No example connection strings are provided, but an MSDN
article, "Smart Device Projects/Using System.Data.SqlClient" states that the
connection string must include "Integrated Security=SSPI" as well as the
userid and domain\password. The UID/password requirement makes sense in the
context of a pocket PC since users generally don't have to log in to them. I
want to assume the the obvious... that the Pocket PC Creates the WIA token
and the the token is what gets sent over the WLAN. I work in a hospital
environment where federal HIPPA regulations apply and I can't assume
anything. I need to hear from an authority that, assuming an unencrypted
communications environment, that the token, not the users password is what
goes out over the air waves.