Dev (1/11/2012)
I don’t prefer Windows Authentication based database servers for Web Application. It’s better if user login with Application (Web) Login Name and Application Server translate its credentials to SQL Server login for database operations.
Why is it better ?
I don't agree because anyone who has access to the web application config file will be able to retrieve sql login and password and then access to databases even if there is no reason for that.
Unless there is some encryption involved.