By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,358 Members | 2,957 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,358 IT Pros & Developers. It's quick & easy.

Troubles Querying Database in Application_Start

P: n/a


I'm having trouble with my security model, Application_Start, and accessing
my database.

My ASP.NET app is only going to be running in an intranet environment (not
on the public Internet). The production environment will have installed
everything locally (i.e., IIS, SQL Server, .NET Framework, etc., all on a
Win2k Server).

In IIS, I have disabled anonymous access so that only Integrated Windows
authentication is used. Then in my Web.config file I've set it up to use
Windows authentication, as such:

<appSettings>

<add key="connectionString"
value="database=RegPerfectDb;server=localhost;Trus ted_Connection=true" />

</appSettings>

<system.web>

<authentication mode="Windows" />

<authorization>

<deny users="?" />

</authorization>

<identity impersonate="true" />

</system.web>

Then, in my Application_Start event in Global.asax, I need to run a query or
two to get some application-wide data from our database and store it in the
application cache.

When I try to access a database from Application_Start, I get the following
error:

System.Data.SqlClient.SqlException: Cannot open database requested in login
'DatabaseName'. Login fails. Login failed for user 'MACHINENAME\ASPNET'.

It's as if it is using the default ASP.NET worker process account (which is
not what I want). I need it to authenticate/authorize the logged in user
(which has access to the database) and use that user to access the database.

So, my questions are: what am I doing wrong? how do I set up IIS,
Web.config, database connection, etc. so that everything is properly
authenticated/authorized to the logged in user so that I can query the
database in Application_Start?

Thanks in advance for your help.



Nov 18 '05 #1
Share this Question
Share on Google+
6 Replies


P: n/a
This is because when the application starts, it isn't running under any
particular user. That only happens for page requests - which is processed
after the application is started. Application_Start runs only once - and so
in what you are proposing, it would happen to run under whoever happened to
be the first person to access the application? It just doesn't work that
way.

Whatever you do in application_start can't rely on what user happened to
have made the first request to this app - so it needs a connection
independent of that.

"Ober" <ob**@yahoo.com> wrote in message
news:e0**************@TK2MSFTNGP15.phx.gbl...


I'm having trouble with my security model, Application_Start, and accessing my database.

My ASP.NET app is only going to be running in an intranet environment (not
on the public Internet). The production environment will have installed
everything locally (i.e., IIS, SQL Server, .NET Framework, etc., all on a
Win2k Server).

In IIS, I have disabled anonymous access so that only Integrated Windows
authentication is used. Then in my Web.config file I've set it up to use
Windows authentication, as such:

<appSettings>

<add key="connectionString"
value="database=RegPerfectDb;server=localhost;Trus ted_Connection=true" />

</appSettings>

<system.web>

<authentication mode="Windows" />

<authorization>

<deny users="?" />

</authorization>

<identity impersonate="true" />

</system.web>

Then, in my Application_Start event in Global.asax, I need to run a query or two to get some application-wide data from our database and store it in the application cache.

When I try to access a database from Application_Start, I get the following error:

System.Data.SqlClient.SqlException: Cannot open database requested in login 'DatabaseName'. Login fails. Login failed for user 'MACHINENAME\ASPNET'.

It's as if it is using the default ASP.NET worker process account (which is not what I want). I need it to authenticate/authorize the logged in user
(which has access to the database) and use that user to access the database.


So, my questions are: what am I doing wrong? how do I set up IIS,
Web.config, database connection, etc. so that everything is properly
authenticated/authorized to the logged in user so that I can query the
database in Application_Start?

Thanks in advance for your help.


Nov 18 '05 #2

P: n/a
have a browse through the matrix.
how are you connecting to sql server ? trusted connection ? or sql user /
password ?

http://msdn.microsoft.com/library/de...SecNetAP05.asp

if you are using trusted connection or SSPI then your MACHINENAME\ASPNET
account will have to be granted access to the database (if you want to
enable access from application as there is no user context) plus for normal
user access dont forget to use <impersonate> in web.config

copying from an old code project article (though i wouldnt give access to
ASPNET account as DBOwner i would just just read / write on certain stored
procs
This should work on all other IIS 5.1 (possibly other versions)
combinations. The only difference between IIS 5.1 and IIS 6 is the account
the ASP.NET process runs under. IIS 5.1 runs under a %MACHINENAME%\ASPNET
where %MACHINENAME% is the machine name.

osql -E -S %SERVER%\%INSTANCE% -Q "sp_grantlogin '%MACHINENAME%\ASPNET'"Now
our ASP.NET application will be able to log into the server. Now all thats
left is to grant access to the databases.

osql -E -S %SERVER%\%INSTANCE% -d %DATABASE%
-Q "sp_grantdbaccess '%MACHINENAME%\ASPNET'"
osql -E -S %SERVER%\%INSTANCE% -d %DATABASE%
-Q "sp_addrolemember 'db_owner', '%MACHINENAME%\ASPNET'"These 2 lines will
add access to one of the databases. So if you want to add access to another
database just change %DATABASE% and run both lines.

other way open Query Analyser and do an "EXEC stored proc values here"
--

Regards,

Hermit Dave
(http://hdave.blogspot.com)
"Ober" <ob**@yahoo.com> wrote in message
news:e0**************@TK2MSFTNGP15.phx.gbl...


I'm having trouble with my security model, Application_Start, and accessing my database.

My ASP.NET app is only going to be running in an intranet environment (not
on the public Internet). The production environment will have installed
everything locally (i.e., IIS, SQL Server, .NET Framework, etc., all on a
Win2k Server).

In IIS, I have disabled anonymous access so that only Integrated Windows
authentication is used. Then in my Web.config file I've set it up to use
Windows authentication, as such:

<appSettings>

<add key="connectionString"
value="database=RegPerfectDb;server=localhost;Trus ted_Connection=true" />

</appSettings>

<system.web>

<authentication mode="Windows" />

<authorization>

<deny users="?" />

</authorization>

<identity impersonate="true" />

</system.web>

Then, in my Application_Start event in Global.asax, I need to run a query or two to get some application-wide data from our database and store it in the application cache.

When I try to access a database from Application_Start, I get the following error:

System.Data.SqlClient.SqlException: Cannot open database requested in login 'DatabaseName'. Login fails. Login failed for user 'MACHINENAME\ASPNET'.

It's as if it is using the default ASP.NET worker process account (which is not what I want). I need it to authenticate/authorize the logged in user
(which has access to the database) and use that user to access the database.


So, my questions are: what am I doing wrong? how do I set up IIS,
Web.config, database connection, etc. so that everything is properly
authenticated/authorized to the logged in user so that I can query the
database in Application_Start?

Thanks in advance for your help.


Nov 18 '05 #3

P: n/a
Interesting. Does this only happen in Application_Start event? Does it
connect to SQL as the logged in user in a later event, say from Page_Load?

Greg
"Ober" <ob**@yahoo.com> wrote in message
news:e0**************@TK2MSFTNGP15.phx.gbl...


I'm having trouble with my security model, Application_Start, and
accessing
my database.

My ASP.NET app is only going to be running in an intranet environment (not
on the public Internet). The production environment will have installed
everything locally (i.e., IIS, SQL Server, .NET Framework, etc., all on a
Win2k Server).

In IIS, I have disabled anonymous access so that only Integrated Windows
authentication is used. Then in my Web.config file I've set it up to use
Windows authentication, as such:

<appSettings>

<add key="connectionString"
value="database=RegPerfectDb;server=localhost;Trus ted_Connection=true" />

</appSettings>

<system.web>

<authentication mode="Windows" />

<authorization>

<deny users="?" />

</authorization>

<identity impersonate="true" />

</system.web>

Then, in my Application_Start event in Global.asax, I need to run a query
or
two to get some application-wide data from our database and store it in
the
application cache.

When I try to access a database from Application_Start, I get the
following
error:

System.Data.SqlClient.SqlException: Cannot open database requested in
login
'DatabaseName'. Login fails. Login failed for user 'MACHINENAME\ASPNET'.

It's as if it is using the default ASP.NET worker process account (which
is
not what I want). I need it to authenticate/authorize the logged in user
(which has access to the database) and use that user to access the
database.

So, my questions are: what am I doing wrong? how do I set up IIS,
Web.config, database connection, etc. so that everything is properly
authenticated/authorized to the logged in user so that I can query the
database in Application_Start?

Thanks in advance for your help.


Nov 18 '05 #4

P: n/a
> Whatever you do in application_start can't rely on what user happened to
have made the first request to this app - so it needs a connection
independent of that.


Ah, that makes good sense. Missed that.


Nov 18 '05 #5

P: n/a
Thanks for the info. That totally makes sense. Do you or does anyone else
have any suggestions on how to do what I'm looking to do? Maybe, put the
code in Session_Start (but then I don't need it to run for every new
session)? Or????
Thanks!
"Marina" <so*****@nospam.com> wrote in message
news:OP**************@tk2msftngp13.phx.gbl...
This is because when the application starts, it isn't running under any
particular user. That only happens for page requests - which is processed
after the application is started. Application_Start runs only once - and so in what you are proposing, it would happen to run under whoever happened to be the first person to access the application? It just doesn't work that
way.

Whatever you do in application_start can't rely on what user happened to
have made the first request to this app - so it needs a connection
independent of that.

"Ober" <ob**@yahoo.com> wrote in message
news:e0**************@TK2MSFTNGP15.phx.gbl...


I'm having trouble with my security model, Application_Start, and accessing
my database.

My ASP.NET app is only going to be running in an intranet environment (not on the public Internet). The production environment will have installed
everything locally (i.e., IIS, SQL Server, .NET Framework, etc., all on a Win2k Server).

In IIS, I have disabled anonymous access so that only Integrated Windows
authentication is used. Then in my Web.config file I've set it up to use Windows authentication, as such:

<appSettings>

<add key="connectionString"
value="database=RegPerfectDb;server=localhost;Trus ted_Connection=true" />
</appSettings>

<system.web>

<authentication mode="Windows" />

<authorization>

<deny users="?" />

</authorization>

<identity impersonate="true" />

</system.web>

Then, in my Application_Start event in Global.asax, I need to run a query or
two to get some application-wide data from our database and store it in

the
application cache.

When I try to access a database from Application_Start, I get the

following
error:

System.Data.SqlClient.SqlException: Cannot open database requested in

login
'DatabaseName'. Login fails. Login failed for user 'MACHINENAME\ASPNET'.

It's as if it is using the default ASP.NET worker process account (which

is
not what I want). I need it to authenticate/authorize the logged in

user (which has access to the database) and use that user to access the

database.



So, my questions are: what am I doing wrong? how do I set up IIS,
Web.config, database connection, etc. so that everything is properly
authenticated/authorized to the logged in user so that I can query the
database in Application_Start?

Thanks in advance for your help.



Nov 18 '05 #6

P: n/a
Is there any reason why you can't create a login for the ASPNET user?

Also, it is recommended that you use a single account to access your
database rather than use an account for each user. That way you will be
using your pooled connections more efficiently.

- Frank Mamone

"Ober" <ob**@yahoo.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl...
Thanks for the info. That totally makes sense. Do you or does anyone else have any suggestions on how to do what I'm looking to do? Maybe, put the
code in Session_Start (but then I don't need it to run for every new
session)? Or????
Thanks!
"Marina" <so*****@nospam.com> wrote in message
news:OP**************@tk2msftngp13.phx.gbl...
This is because when the application starts, it isn't running under any
particular user. That only happens for page requests - which is processed
after the application is started. Application_Start runs only once - and
so
in what you are proposing, it would happen to run under whoever happened to
be the first person to access the application? It just doesn't work that
way.

Whatever you do in application_start can't rely on what user happened to
have made the first request to this app - so it needs a connection
independent of that.

"Ober" <ob**@yahoo.com> wrote in message
news:e0**************@TK2MSFTNGP15.phx.gbl...


I'm having trouble with my security model, Application_Start, and

accessing
my database.

My ASP.NET app is only going to be running in an intranet environment

(not on the public Internet). The production environment will have installed everything locally (i.e., IIS, SQL Server, .NET Framework, etc., all on a
Win2k Server).

In IIS, I have disabled anonymous access so that only Integrated
Windows authentication is used. Then in my Web.config file I've set it up to

use Windows authentication, as such:

<appSettings>

<add key="connectionString"
value="database=RegPerfectDb;server=localhost;Trus ted_Connection=true" />
</appSettings>

<system.web>

<authentication mode="Windows" />

<authorization>

<deny users="?" />

</authorization>

<identity impersonate="true" />

</system.web>

Then, in my Application_Start event in Global.asax, I need to run a query
or
two to get some application-wide data from our database and store it in the
application cache.

When I try to access a database from Application_Start, I get the

following
error:

System.Data.SqlClient.SqlException: Cannot open database requested in

login
'DatabaseName'. Login fails. Login failed for user
'MACHINENAME\ASPNET'.
It's as if it is using the default ASP.NET worker process account

(which is
not what I want). I need it to authenticate/authorize the logged in

user (which has access to the database) and use that user to access the

database.



So, my questions are: what am I doing wrong? how do I set up IIS,
Web.config, database connection, etc. so that everything is properly
authenticated/authorized to the logged in user so that I can query the
database in Application_Start?

Thanks in advance for your help.




Nov 18 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.