There is a database on Sql Server 2012. There is a user TestUser in the database, created like this:
CREATE LOGIN TestUser WITH PASSWORD = '123'; USE Банк; GO CREATE USER TestUser FOR LOGIN TestUser; GO
I am connecting to the base through a C # application using SqlConnection.
String ConnectionString = "Data Source=Computer;Initial Catalog=Банк;Persist Security Info=False;Integrated Security=SSPI;User ID=TestUser;Password=123;"; SqlConnection con = new SqlConnection(); con.ConnectionString = ConnectionString; con.Open();
The problem is that even if the password is incorrect, the connection will still be established and requests can be sent. Tell me how to fix it.
Try to remove "Integrated Security = SSPI". It seems that it logs in through the system login and coaxially ignores the user and password. That is, you are not logging in as TestUser.