Even in this case you mentioned to me we need to right username and password in global.asa
what i am expecting to find a way to not provide username and password any where in the code. I have heard that there are some settings in the IIS through which we can handle this. The idea was about to create a service account there in IIS and writting Trusted Connection in db connection string.
But to do that. I am not aware of that.
Any one know about this Service Account setup there in IIS.
Please do let me know.
why do you really need to have a trusted connection? if the site is https and the hosting company is straight (or trusted users only on the computer) its secure enough. the username and password is not sent in the content / pages. its all handled on the server. to get added protection ssl the trafic from the webserver to the database server.
If you're in one of those predicaments where cls.__private attributes just aren't enough since they can easily be accessed through inst._cls__private, and you need something a little more secure, here's ...