Login fail when accessing data

ASP.NET applications run inside ASP.NET worker process (aspnet_wp).
This process is run with a low-privileged user (YOURMACHINE\ASPNET).
The connection you are trying to establish with the SQL Server tries to
use ASPNET credentials and that's why you have the error.

There are 4 alternatives.

1) You enable impersonation, so you can login to SQL Server with your
current credentials. Put in webconfig <identity impersonate="true"/>
2) Enable impersonation with a fixed user account. Put in web.config
<identity userName="username" password="password"/>
3) Change ASPNET user to run with system privileges (altough not
advised as it's a security risk). Go to
c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\confi g\machine.config,
search for a processModel tag and change the username to system
4) Use a different user for ASP.NET worker process. Again go to the
previous path, in the processModel tag change the username and password
to correspond to your new user.

If you have IIS6 you can setup an application pool with an alternative
user.

Regards,
Tasos

Hi Tasos,
Thanks for the prompt reply.

I put

<identity impersonate="true"/>

in the web.config file as this seems the simplest route. I put it directly
under the

<system.web> element, but no go. Is this the correct place to put it? I'm
assuming it doesn't matter. Should this work?

Thanks for your help
Ant

"Tasos Vogiatzoglou" wrote:

ASP.NET applications run inside ASP.NET worker process (aspnet_wp).
This process is run with a low-privileged user (YOURMACHINE\ASPNET).
The connection you are trying to establish with the SQL Server tries to
use ASPNET credentials and that's why you have the error.

There are 4 alternatives.

1) You enable impersonation, so you can login to SQL Server with your
current credentials. Put in webconfig <identity impersonate="true"/>
2) Enable impersonation with a fixed user account. Put in web.config
<identity userName="username" password="password"/>
3) Change ASPNET user to run with system privileges (altough not
advised as it's a security risk). Go to
c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\confi g\machine.config,
search for a processModel tag and change the username to system
4) Use a different user for ASP.NET worker process. Again go to the
previous path, in the processModel tag change the username and password
to correspond to your new user.

If you have IIS6 you can setup an application pool with an alternative
user.

Regards,
Tasos

This assumes that the user is authenticated. Do you allow anonymous users?

Still another option in Tasos' list is to add the ASP.NET worker process
account as a user in the database.

Under Windows Server 2003 and IIS6, the user account is determined by the
identity for the application pool. The default is "Network Service", which
is a least-privileged user account. In SQL Server 2005, you can add the
Network Service account as a login and grant that user access to certain
portions of your database. If you are running on Windows XP or 2000 while
developing and testing, you can use the ASPNET account.

--
Kirk Allen Evans
Developer Evangelist
Microsoft Corporation
blogs.msdn.com/kaevans

=== This post provided "AS-IS" with no warranties and confers no rights ===
"Ant" <An*@discussions.microsoft.com> wrote in message
news:88**********************************@microsof t.com...

Hi Tasos,
Thanks for the prompt reply.

I put

<identity impersonate="true"/>

in the web.config file as this seems the simplest route. I put it directly
under the

<system.web> element, but no go. Is this the correct place to put it? I'm
assuming it doesn't matter. Should this work?

Thanks for your help
Ant

"Tasos Vogiatzoglou" wrote:

ASP.NET applications run inside ASP.NET worker process (aspnet_wp).
This process is run with a low-privileged user (YOURMACHINE\ASPNET).
The connection you are trying to establish with the SQL Server tries to
use ASPNET credentials and that's why you have the error.

There are 4 alternatives.

1) You enable impersonation, so you can login to SQL Server with your
current credentials. Put in webconfig <identity impersonate="true"/>
2) Enable impersonation with a fixed user account. Put in web.config
<identity userName="username" password="password"/>
3) Change ASPNET user to run with system privileges (altough not
advised as it's a security risk). Go to
c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\confi g\machine.config,
search for a processModel tag and change the username to system
4) Use a different user for ASP.NET worker process. Again go to the
previous path, in the processModel tag change the username and password
to correspond to your new user.

If you have IIS6 you can setup an application pool with an alternative
user.

Regards,
Tasos

The user you are logging-in to your PC is the one that will be
authenticated in SQL Server (assuming you have enabled windows
authentication).

So, incase you cannot login, check whether your user has access to the
required database table.

Also, Kirk proposes another solution that would help you (putting
ASPNET as a user to the database) but this as the solutions above
should be handles with care as expose the database to security risks.

Regards,
Tasos

Thanks for everyones help. I ended up adding ASP.NET as a user in SQLServer.
It never occured to me that the ASP application was in fact considered a
user. (Different to Windows forms).

Unfortunately I tried adding the reqired elements to my web.config file in
the ASP applications folder <identity etc> but that approach didn't yield any
success. I don't know why.
I also tried to tell the machine.config folder the details needed to log in
but no go either. A little troubling as to why.

Anyway, it's sorted now so thanks very much for your input.

Regards
Ant
"Tasos Vogiatzoglou" wrote:

The user you are logging-in to your PC is the one that will be
authenticated in SQL Server (assuming you have enabled windows
authentication).

So, incase you cannot login, check whether your user has access to the
required database table.

Also, Kirk proposes another solution that would help you (putting
ASPNET as a user to the database) but this as the solutions above
should be handles with care as expose the database to security risks.

Regards,
Tasos