I'm a total newbie to web development, so this may be kind of a stupid question, however... I have a .NET application that calls out to a python script after a user uploads some data. This python script connects to an SDE database and manipulates the data they uploaded to insert into the database. What I'm wondering is when the application is accessed by users remotely, are they going to be able to make the database connection just because it's scripted in (e.g. arcpy.env.workspace = r'Database Connections\myDatabase.sde')? What kind of permissions would they need? When I think about it, I can access the database and run the script because my windows authentication verifies my permissions to access that database. I imagine when this application goes into production, there will need to be some alternate way to verify the user is allowed to connect to the database because even though the script resides on my computer and I'm authorized, I'm not the one accessing it. Does that make sense?
Along with our System Administrator --- it was a lot of trial error before we got a working balance! I imagine every set up would be different -- Now if you are using Kerberos as part of your security, you may have to yet go through another level of setting up stuff -- A lot of this is highly depended upon your individual network set up so any one answer may or may not apply to you.
For my case I set up a domain and local account srv-mdxinfo. Hope this gives you some things to try out!
So seems like you are connecting to the GDB using OS Authentication (instead of database authentication with username and password) in myDatabase.sde, right? Then I believe it would depend on whether the OS account hosting the web application has access to the GDB or not. If the web application is hosted on ArcGIS Server (e.g. SOE), then it means the account ArcGIS Server is running as (Local Services -> ArcGIS Server right-click Properties -> Log On); if hosted on IIS, it would be like Ted's situation.