Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Using ASP to access remote SQL database

Status
Not open for further replies.
Stevos

Stevos

MIS
May 31, 2001
10
0
0
AU
Hello All,

Have a bit of a tricky one here, and wondering if anyone could help me out. The problem involves allowing my ISP hosted ASP 3.0 pages to access and internal SQL server database. Does anyone know how this can best (if at all) be done?

From wat we have come up with, there are two possible solutions:

1. Configure our firewall so that only our ISP can get through on SQL port to query, but that does not provide enough security as SQL level access will send passwords in clear text (not acceptable for required security level), and this may at the same time expose our production database.
2. Create some kind of Web service (an ASP page) that locally queries the database, and have our external ASP page query the internal page (is this even possible?). This would allow for the only opening up ports from our ISPs IP to our webserver for HTTP traffic. (Again, hosting the actual external page ourselves is not an option due to bandwidth considerations).

The second idea seems preferable, but i have no idea how i'd go about it. Any ideas? Any help or advice on either of the above two options (or in general) would be greatly appreciated, as i know it would be very difficult to not know more than i do!!

Many Thanks,
Steve
 
Sort by date Sort by votes
You could create a page on your internal site that accepts an argument as part of the querystring. In this case an sql statement. Then if it is a select statement you could output the results as xml.

Your foreign page would use the XMLHTTP object to send a equest for that page, along with the SQL statement. If it is a SELECT statement it would receive back your nicely XML formatted records for you to manipulate.

4guysfromrolla has several example of XMLHTTP, mostly for non-XML applications. The microsoft site has more XML related examples, but spreads them across a few languages.

-Tarwn

[sub]01010100 01101001 01100101 01110010 01101110 01101111 01101011 00101110 01100011 01101111 01101101 [/sub]
[sup]29 3K 10 3D 3L 3J 3K 10 32 35 10 3E 39 33 35 10 3K 3F 10 38 31 3M 35 10 36 3I 35 35 10 3K 39 3D 35 10 1Q 19[/sup]
Get better results for your questions: faq333-2924
Frequently Asked ASP Questions: faq333-3048
 
Upvote 0 Downvote
Tarwn,

Thats really helpful, thanks. I do have a couple of questions on that, tho:

Will such a query string allow for the querying and manipulation of the SQL database?
and, Is tehre anyway to secure such an arrangement (verification, SSL, etc?) - so that its not available for just anyone to send a query-string to the page and manipulate the database?

Many Thanks,
Steve
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
99
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
write HTML code within ASP line
Replies
1
Views
116
xwb
xwb
penguinspeaks
  • Locked
  • Question
Return to current location on page after asp processes.
Replies
2
Views
92
penguinspeaks
penguinspeaks
penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
76
penguinspeaks
penguinspeaks
bslintx2021
  • Locked
  • Question
How to configure IIS 10 server to allow Classic ASP to connect to MSSQL server database on a domain
Replies
1
Views
214
penguinspeaks
penguinspeaks

Part and Inventory Search

Sponsor

Back
Top