468,535 Members | 1,709 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,535 developers. It's quick & easy.

SQL integrated authentication when using forms authentication

I currently I am using integrated windows authentication, (anonymous access
disabled), with impersonation on my asp.net app. I would like to implement
forms authentication against AD, but I have not found a way to then have the
proper AD user authenticated on the SQL server. If I enable anonymous
access and then specify a user that had rights to the SQL server I can make
the calls but I loose any audit trail or SQL server level rights (everyone
appears to be the same user to SQL). If I use SQL authentication on the SQL
server I can send the proper credentials to the server using the information
from the logon form, but I would like to stick with integrated
authentication on the SQL server if I could.
Nov 18 '05 #1
2 1502
There's no easy solution to the problem -- you might want to take a
look at the ASP.NET security best practices whitepaper, which explores
the options:
http://www.microsoft.com/downloads/r...eleaseID=44047

--Mary

On Tue, 19 Oct 2004 13:00:33 -0400, "Brett Smith" <bsmith at comppro
dot com> wrote:
I currently I am using integrated windows authentication, (anonymous access
disabled), with impersonation on my asp.net app. I would like to implement
forms authentication against AD, but I have not found a way to then have the
proper AD user authenticated on the SQL server. If I enable anonymous
access and then specify a user that had rights to the SQL server I can make
the calls but I loose any audit trail or SQL server level rights (everyone
appears to be the same user to SQL). If I use SQL authentication on the SQL
server I can send the proper credentials to the server using the information
from the logon form, but I would like to stick with integrated
authentication on the SQL server if I could.


Nov 18 '05 #2
Thank you for your response.

"Mary Chipman" <mc***@online.microsoft.com> wrote in message
news:do********************************@4ax.com...
There's no easy solution to the problem -- you might want to take a
look at the ASP.NET security best practices whitepaper, which explores
the options:
http://www.microsoft.com/downloads/r...eleaseID=44047

--Mary

On Tue, 19 Oct 2004 13:00:33 -0400, "Brett Smith" <bsmith at comppro
dot com> wrote:
I currently I am using integrated windows authentication, (anonymous
access
disabled), with impersonation on my asp.net app. I would like to implement
forms authentication against AD, but I have not found a way to then have
the
proper AD user authenticated on the SQL server. If I enable anonymous
access and then specify a user that had rights to the SQL server I can
make
the calls but I loose any audit trail or SQL server level rights (everyone
appears to be the same user to SQL). If I use SQL authentication on the
SQL
server I can send the proper credentials to the server using the
information
from the logon form, but I would like to stick with integrated
authentication on the SQL server if I could.

Nov 18 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by RTJudson | last post: by
9 posts views Thread by Tom B | last post: by
1 post views Thread by Paul Aspinall | last post: by
3 posts views Thread by =?Utf-8?B?RGFuZGFuIFpoYW5n?= | last post: by
reply views Thread by NPC403 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.