Authentication in general

M

Magnus Blomberg

Hello!

I have a general problem with ASP.NET and SQL regarding to authority and
authentication.

What I would like to accomplish:

This is for an intranet solution, where servers and users are in the same
network.
The users are logged in into our network as Domain\User.
When the user is browsing into my application, he/she should be
authenticated by the Domain\User account.
Then in the code-behind, I want to establish a connection to a SQL-server
using the account Domain/User.

What are the steps for this? What to do in IIS, Web.Config and the
SQLConnectionstring?

Best regards
/Magnus
 
G

Guest

In IIS, you have to turn off anonymous access. If you do not, the user will
always be authenticated as LOCAL_MACHINE_NAME\IUSR_LOCAL_MACHINE_NAME.

In the Domain, you have to add every user to a specific SQL group (you could
use users, but make sure you lock down access, no matter what group). I would
create a new group, personally, or perhaps even groups, if you want to alter
access for certain people.

In SQL Server, you have to add the Domain group as a user group account.
This gets you away from adding every user individually, which would be
painful. This can be done rather easily in Enterprise Manager.

In you ASP.NET solution, you have to set up to impersonate in the
web.config. There is plenty of information about this, both on the web and in
the .NET help file. The quickstart samples most likely cover this, as well.

---

Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************
 
S

Scott Allen

Hi Magnus:

In web.config you'll want to have:

<identity impersonate="true"/>
and
<authentication mode="Windows" />

If you need to connect to a SQL Server instance not on the same
machine as the web application there is an additional hurdle. You'll
need to use delegation, not just impersonation.

See:
How to configure an ASP.NET application for a delegation scenario
http://support.microsoft.com/default.aspx?scid=kb;en-us;810572

This document goes into more detail about the web.config settings.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ASP.net authentication issue 2
Windows authentication from ASP.NET to SQL Server 8
Prob: Connecting to MSSQL using windows authentication 7
Custom Authentication 1
Windows Authentication 4
Impersonation with SQL Server SSPI 3
web.config and Anonymous Authentication problems ??? 0
Windows authentication. 2

Top