ASP.Net/SQL Server Authentication

Guest

I'm not sure which newsgroup to post this in, so I'm putting it in the
general one. I am simply trying to get my ASP.Net application to connect to
a SQL database (on a different server) using an active directory account, NOT
the ASP.Net user account. So far, I have disabled the anonymous access for
the web site's directory security (in IIS), and I have ensured that I have
<authentication mode="Windows"/> in my web.config file. In my SQL Server
connection string I have 'Integrated Security=true;'

I have tried passing the user account through the HTTPContext object, but
I'm still getting the error that says Login failed for user 'DOMAIN\SERVER$'.
It's still trying to authenticate using the server's ASP.Net user account,
despite the setting in IIS that tells it specifically not to do that.

I'm sure there is some combination of DB connection string, web.config
settings, and IIS settings that need to be in place in order to do this. I
by no means want to grant access to the DB for the ASP.Net user. Does anyone
know what I'm missing here?

TIA,
Mike
 
Norman Yuan

The problem is that you do not know exactly which user account is running
your web app. Once you know that, you'd be able to give this account the needed
access to the SQL Server.

You could do this in your ASP.NET page to tell which user is running the
web app:

Add a label on the page

private void Page_Load(object sender, EventArgs e)
{
    // Show the identity name reported for the current request
    Label1.Text = Context.User.Identity.Name;
}

Disabling anonymous access and setting <authentication mode="Windows"/> requires
the user to be authenticated. In this case, if the user logs into the domain
from his computer, he is considered authenticated, so IIS does not need the
user to submit his credentials again when connecting to the app. However, the
web app still runs under a user account set by its configuration. By default, it
is ASPNET or NETWORK SERVICE on the server computer. If you want the app to
run under a domain account (in order to access the SQL Server on another
computer), you can impersonate the running account to a domain account, or
simply set <identity impersonate="true" />. In this case, the web app runs
under the domain user account, whoever is accessing the app.
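
An added diagnostic example, not part of either post: a small handler that reports the authenticated request user, the Windows identity the code is actually executing as, and the login SQL Server sees when Integrated Security is used. The handler name, the server name SQLHOST and the database name AppDb are placeholders assumed for illustration.

```csharp
using System;
using System.Data.SqlClient;
using System.Security.Principal;
using System.Web;

// Hypothetical diagnostic handler (for example WhoAmI.ashx). Remove it once
// troubleshooting is done, since it reports account names and error text.
public class WhoAmI : IHttpHandler
{
    // Placeholder server and database names; replace with your own.
    private const string ConnStr =
        "Data Source=SQLHOST;Initial Catalog=AppDb;Integrated Security=true;Connect Timeout=5";

    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        context.Response.ContentType = "text/plain";

        // 1. The user IIS authenticated for this request (Windows authentication).
        string requestUser = context.User != null ? context.User.Identity.Name : "(none)";

        // 2. The Windows token this code is executing under. Integrated Security
        //    logs in to SQL Server with this token, not with the request user.
        WindowsIdentity current = WindowsIdentity.GetCurrent();
        string threadIdentity = current.Name + " (" + current.ImpersonationLevel + ")";

        // 3. The login SQL Server actually sees, or the login failure message.
        string sqlLogin;
        try
        {
            using (SqlConnection conn = new SqlConnection(ConnStr))
            using (SqlCommand cmd = new SqlCommand("SELECT SUSER_SNAME()", conn))
            {
                conn.Open();
                sqlLogin = Convert.ToString(cmd.ExecuteScalar());
            }
        }
        catch (SqlException ex)
        {
            sqlLogin = "connection failed: " + ex.Message;
        }

        context.Response.Write("Request user:    " + requestUser + "\r\n");
        context.Response.Write("Thread identity: " + threadIdentity + "\r\n");
        context.Response.Write("SQL Server sees: " + sqlLogin + "\r\n");
    }
}
```

If the thread identity is the machine or service account while the request user is the domain user, the request is not being impersonated. If the thread identity is the domain user but SQL Server on the other machine reports a failure for NT AUTHORITY\ANONYMOUS LOGON, the impersonated credentials are not being delegated to that second server, which requires Kerberos delegation to be configured.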
 
