Performance Issues Caused By SQL Server Windows Authentication
If a high rate of SQL Server logons affects your Web site's performance and you are using Windows authentication to connect to SQL Server, you can change one of the following registry settings to improve performance:
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CommerceServer\9.0\Profiles\ UnsafeAuthenticatedConnectionSharing registry key to 1.
You must consider your environment and security requirements before changing this registry value. The default value of 0 (zero) offers better security but potentially slower performance because it forces a logon and logoff for each Profiles System database connection. If your Web site uses impersonation to connect to Profiles System resources, there is a security risk when you change the default value. When you set the value to 1, new SQL Server logons are not forced for each connection to the Profiles System database from the connection pool. Instead, old connections from the connection pool are recycled and retain the security permissions from the last impersonated user. As a result, a new Web user connects to the Profiles database under the security context of a previous user. This poses a security risk.