Hi Lyners,
For such accessing remote resource on client's forward identity issue, you
can refer to
Bruce's former message whicn mentioned the 4 possible options:
===============
1) switch to basic authentication. this will give IIS a primary token it
can
use to access a remore sqlserver.
2) switch to kerberos authentication and enable creditials forwarding.
3) use a fixed account
4) move the SqlServer to the IIS box.
================
In addition, if you have interests, I also recommend that you have a look
at the
"Programming windows security" or
"The .NET Developer's Guide to Windows Security"
authored by Keith Brown. The twos are good guide on windows security
programming.
Thanks & Regards,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| Thread-Topic: ASP.NET -> SQL Server : Impersonation not working!
| thread-index: AcWd9XWiDDZC3JczQtemxmLiosdewg==
| X-WBNR-Posting-Host: 204.194.251.3
| From: =?Utf-8?B?THluZXJz?= <Ly****@discussions.microsoft.com>
| References: <5A**********************************@microsoft.co m>
| Subject: RE: ASP.NET -> SQL Server : Impersonation not working!
| Date: Wed, 10 Aug 2005 14:50:01 -0700
| Lines: 33
| Message-ID: <95**********************************@microsoft.co m>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups:
microsoft.public.dotnet.framework.adonet,microsoft .public.dotnet.framework.a
spnet
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:117266
microsoft.public.dotnet.framework.adonet:33797
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I have the same problem. Is there a book or something that spells out
exactly
| what needs to happen to make this work? I also have it working locally
with
| XP (so i thought this solution was good), promoted it to the server, only
to
| run into this problem. Seems to be more difficult than it has to be for
| something that appears to be common to do (retrieve data from your SQL
server
| and display it in your .net pages).
|
| Looking for an answer also,
| lyners
|
| "Patrick" wrote:
|
| > I set my web.config as follows:
| > <authentication mode="Windows" />
| > <identity impersonate="true" />
| >
| > Logon to my ASP.NET website as a user who can authenticate to the
target
| > database.
| >
| > 1) Works fine on my local PC running IIS5.1 on WinXP Pro SP1
| > 2) does not work on IIS6.0 on Windows 2003 server:
| > System.Data.SqlClient.SqlException: Login failed for user '(null)'.
Reason:
| > Not associated with a trusted SQL Server connection.
| > at System.Data.SqlClient.ConnectionPool.GetConnection (Boolean&
| > isInTransaction)
| > at
| >
System.Data.SqlClient.SqlConnectionPoolManager.Get PooledConnection(SqlConnec
tionString options, Boolean& isInTransaction)
| > at System.Data.SqlClient.SqlConnection.Open()
| > at
Microsoft.Practices.EnterpriseLibrary.Data.Databas e.OpenConnection()
| > HOWEVER, Environment.UserName returns the correct username!
| >
| >
| > Why? How to fix?
|