Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post May 12, 2005 11:34 PM by danmor
May 03, 2005 12:32 PM|LINK
May 12, 2005 11:34 PM|LINK
Cassini runs as the current logged on user (your NT credentials), but IIS runs web sites under the ASPNET account which may not have priviliges to access your database. So, if you have rights to the database but the machine ASPNET account does not, then
this database access will work under Cassini but not IIS.
You can use impersonation in your web config file so that the web site will make requests with specific user credentials: <identity impersonate="true" userName="ns130" password="123456" />
Another note. Your code above is a security risk. A malicious user could possibly inject code in 'Me.DropdownList1.SelectedValue', i.e. inject their own 'SelectedValue' and run their own SQL command on your database and possibly expose data.