php windows身份验证_如何：使用 Windows 身份验证进行连接

最新推荐文章于 2023-12-24 08:00:00 发布

OZARGPT

最新推荐文章于 2023-12-24 08:00:00 发布

阅读量368

点赞数

文章标签： php windows身份验证

本文链接：https://blog.csdn.net/weixin_32193393/article/details/115108652

版权

本文介绍了如何使用PHP的Microsoft Drivers for SQL Server在Windows环境下进行身份验证连接SQL Server，强调了Windows认证的安全性和配置要点，并提供了SQLSRV和PDO_SQLSRV驱动的示例代码。

摘要由CSDN通过智能技术生成

如何：使用 Windows 身份验证进行连接How to: Connect Using Windows Authentication

03/26/2018

本文内容

默认情况下， Microsoft Drivers for PHP for SQL ServerMicrosoft Drivers for PHP for SQL Server 使用 Windows 身份验证连接 SQL Server。By default, the Microsoft Drivers for PHP for SQL ServerMicrosoft Drivers for PHP for SQL Server use Windows Authentication to connect to SQL Server. 请务必注意，在大多数情况下，这通常意味着使用 Web 服务器的进程标识或线程标识(如果 Web 服务器正在使用模拟)来连接服务器，而不是最终用户的标识。It is important to note that in most scenarios, this means that the Web server's process identity or thread identity (if the Web server is using impersonation) is used to connect to the server, not an end-user's identity.

使用 Windows 身份验证连接 SQL Server 时，必须要考虑以下几点：The following points must be considered when you use Windows Authentication to connect to SQL Server:

运行 Web 服务器的进程(或线程)所依据的凭据必须映射到有效的 SQL Server 登录才能建立连接。The credentials under which the Web server's process (or thread) is running must map to a valid SQL Server login in order to establish a connection.

如果 SQL Server 和 Web 服务器位于不同的计算机上，则必须配置 SQL Server 才能启用远程连接。If SQL Server and the Web server are on different computers, SQL Server must be configured to enable remote connections.

备注

建立连接时可以设置连接属性，如 Database 和 ConnectionPooling 。Connection attributes such as Database and ConnectionPooling can be set when you establish a connection. 有关受支持的连接属性的完整列表，请参阅 Connection Options。For a complete list of supported connection attributes, see Connection Options.

只要可能存在以下原因，都应使用 Windows 身份验证来连接 SQL Server：Windows Authentication should be used to connect to SQL Server whenever possible for the following reasons:

没有任何凭据在身份验证期间通过网络传递；用户名和密码未嵌入在数据库连接字符串中。No credentials are passed over the network during authentication; user names and passwords are not embedded in the database connection string. 这意味着恶意用户或攻击者无法通过监视网络或查看配置文件内部的连接字符串来获取凭据。This means that malicious users or attackers cannot obtain the credentials by monitoring the network or by viewing connection strings inside configuration files.

用户要进行集中式帐户管理；强制执行多次无效登录请求后的安全策略，如密码有效期、最短密码长度和帐户锁定。Users are subject to centralized account management; security policies such as password expiration periods, minimum password lengths, and account lockout after multiple invalid logon requests are enforced.

If Windows Authentication is not a practical option, see How to: Connect Using SQL Server Authentication.

SQLSRV 示例SQLSRV example

通过使用 Microsoft Drivers for PHP for SQL ServerMicrosoft Drivers for PHP for SQL Server的 SQLSRV 驱动程序，以下示例将使用 Windows 身份验证连接到 SQL Server 的本地实例。Using the SQLSRV driver of the Microsoft Drivers for PHP for SQL ServerMicrosoft Drivers for PHP for SQL Server, the following example uses the Windows Authentication to connect to a local instance of SQL Server. 建立连接后，服务器将查询正在访问数据库的用户登录名。After the connection has been established, the server is queried for the login of the user who is accessing the database.

该示例假定已在本地计算机上安装了 SQL Server 和 AdventureWorks 数据库。The example assumes that SQL Server and the AdventureWorks database are installed on the local computer. 当从浏览器运行该示例时，所有输出都将写入该浏览器。All output is written to the browser when the example is run from the browser.

/* Specify the server and connection string attributes. */

$serverName = "(local)";

$connectionInfo = array( "Database"=>"AdventureWorks");

/* Connect using Windows Authentication. */

$conn = sqlsrv_connect( $serverName, $connectionInfo);

if( $conn === false )

{

echo "Unable to connect.";

die( print_r( sqlsrv_errors(), true));

}

/* Query SQL Server for the login of the user accessing the

database. */