Connectivity to SQL Server 2000

C

Colin Basterfield

Hi,

I am prety new to ADO.NET and have been playing around with some Web Service
examples, and as a result had some problems which I separated out into first
a Windows app, and then a Web App. I use Windows NT authentication so in
the windows app this connection string worked

"workstation id=<compname>;packet size=4096;integrated security=SSPI;data
source=<compname>;persist security info=False;initial catalog=<dbName>"

In the Web App it failed saying the login had failed with this message

Any ideas anyone?

Cheers in advance...
Colin
 
D

David Browne

Colin Basterfield said:
Hi,

I am prety new to ADO.NET and have been playing around with some Web Service
examples, and as a result had some problems which I separated out into first
a Windows app, and then a Web App. I use Windows NT authentication so in
the windows app this connection string worked

"workstation id=<compname>;packet size=4096;integrated security=SSPI;data
source=<compname>;persist security info=False;initial catalog=<dbName>"

In the Web App it failed saying the login had failed with this message


Any ideas anyone?
Click to expand...
When a user makes a request for a web page, the code to generate that web
page runs in a special security context. It can't run in the users'
security context, because the user may well be an anonymous internet user.
By default it doesn't run in _your_ security context, because you are a very
powerful security principal, and it could be dangerous. So ASP.NET creates
a special accoutnt ASPNET, with just enough rights to process ASP.NET pages.

Now when you connect using integrated security, the current security context
that the code is running in is used to authenticate you to SQL Server. In a
Windows app, that's you. In a web app it's usually not. To fix this you
can either change the account the ASP.NET code is running in, grant SQL
Server access to '<compname>\ASPNET', or use a username and password to
connect to SQL Server.

David
 
C

Chris Taylor

Hi,

ASP.NET applications run under the account <computername>\ASPNET. To get the
application to execute under the identity of the caller you will need to
enable empersonation to do this add the following entry into the web.config
file.

<configuration>
<system.web>
...
<identity impersonate="true"/>
...
</system.web>
</configuration>

Be aware that using impersonation could pose a security risk for a web based
service so generally I would not recommend it.

Hope this helps

Chris Taylor
 
C

Colin Basterfield

Hi guys!

Many thanks for your help, I am cooking with gas, and what you both said I
guess is obvious, well especially when you know!!! :)

cheers
Colin
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Checking for db connectivity 2
how to quickly check for database connectivity quickly 1
integrated Secure 4
login failed for sql server 10
Connection issue 3
Login failed for user 6
Login problem: MSDE from ASP.Net 3
Database Connections 3

Top