I am developing an asp.net mvc 4 web app which would be hosted on godaddy. I have experience developing for intranet applications where the authentication is done with active directory.
My question is Is there a way to get windows authentication to work for a host like godaddy? I know this can be done by creating a so called 'Virtual Account' and then running the app pool under that identity but since I don't have access to those kinds of options what other methods (if any) are available?
I have spent a lot of time googling but can't find anything that answers my question to the point. The best explanation so far I found was this one
I know I could just use SQL Server authentication but the main problem I have is having to specify the password in the connection string (encrypted or otherwise) which could be accessed by someone. If I use the password in the application code I would have to recompile every time I change my password. Even the answer to the SO question above says it's not good to use SQL Server authentication.
If there is no way to get windows authentication to work then what would be the best way to securely use connection strings for sql server authentication?
Any help would be greatly appreciated.
Update: Ok, I just called up godaddy and they don't allow Windows Authentication. The question might still be helpful for someone with a similar problem, specially if we could explore the various ways to secure the connection strings.
