I have two apps that use Integrated Security. One assigns Integrated Security = true
in the connection string, and the other sets Integrated Security = SSPI
.
What is the difference between SSPI
and true
in the context of Integrated Security?
Let me start with
Integrated Security = false
false
User ID and Password are specified in the connection string.true
Windows account credentials are used for authentication.Recognized values are
true
,false
,yes
,no
, andSSPI
.If
User ID
andPassword
are specified and Integrated Security is set totrue
, thenUser ID
andPassword
will be ignored and Integrated Security will be usedUsing Windows Authentication
To connect to the database server is recommended to use Windows Authentication, commonly known as integrated security. To specify the Windows authentication, you can use any of the following two key-value pairs with the data provider. NET Framework for SQL Server:
However, only the second works with the data provider .NET Framework OleDb. If you set
Integrated Security = true
for ConnectionString an exception is thrown.To specify the Windows authentication in the data provider. NET Framework for ODBC, you should use the following key-value pair.
Source: MSDN: Working with Connection Strings
Integrated Security = False : User ID and Password are specified in the connection. Integrated Security = true : the current Windows account credentials are used for authentication.
Integrated Security = SSPI : this is equivalant to true.
We can avoid the username and password attributes from the connection string and use the Integrated Security