Q - App architecture (forms auth & sql backend)

  • Thread starter Thread starter Dan Walls
  • Start date Start date
D

Dan Walls

Hi,

I just had a question regarding forms authentication using a SQL database
backend. If my (planned)architecture is:

Internet -> firewall -> DMZ (IIS - access to User Interface) -> Firewall ->
SQL User Database, Application Server, SQL application database.

then what technology would I typically use to communicate between the IIS
machine in my DMZ and the SQL user database?

remoting?
web service?

Are there advantages/disadvantages to using either of these?

I don't want to host the SQL user database in the DMZ on the IIS machine -
for security reasons.

Is anyone aware of any examnples/tutorials of this sort of setup on the web?

Thanks in Advance,
Dan.
 
I think you would be slowing down you application severely if you
authenticate using remoting or web services. You'll have to do every SQL
call that way, which is ridiculously slow.

Can't the IIS machine have access to your SQL through the firewall?
I'm not really good with networking issues, but I think you should be able
to allow your IIS server to "see" your SQL server securely
 
That's sort of my question I think - how would my asp.net application
(running on the IIS server) talk to the SQL database on another server
behind my second firewall?

Thanks George,
Dan.
 
Dan,
I think it becomes a network issue rather than a programmatic one at this
point. Sorry, I'm of no use with network issues :) I'm just a code monkey
 
We had the arch and we got the network guys to open up the second firewall
for port (i think 1440, chk sql docs) for communication between the sql and
the webserver. That way thur this open port only these two can communicate.
 
thanks Rajesh and George,

But I'm actually trying to find out "how" they talk... ie. in asp.net the
code behind file for the login page needs to access the SQL Database which
is on a totally different machine (and behind a firewall).

How does it do this?

Sorry if I'm not being very clear. It's hard to be clear about something you
don't understand :)

Dan.
 
Well Dan, the communication with an Sql server happens thru Tcp/Ip. In tech
terms it uses a port or an address where the server listens for request for
connections. The firewall by default blocks everything which is useless. But
by allowing only certain ports like 80 for http, 25for pop, smtp21, and so
on. Sql i think talks on 1440 port. You can check on the sql documentation.

So here it is of the how the comm happens. Very much from 500 ft ht.
 
Back
Top