ASP.Net not impersonating for WSE 2.0 AuthenticateToken method

F

Francois

I have several web services that use WSE to authenticate calling users.
I use a UsernameToken that validates the sent username and password
against our SqlServer database. The SqlServer database is on a
different machine than the website. For all of my database access I use
Windows Integrated Security. As such, I've had to change the ASP.Net
process model to system in the machine.config and set <identity
impersonate="true" /> in the web.config for the web service project.
For all regular db access throughout the web services the impersonation
works and the code can connect to the database with the user we
specified as the anonymous user for the website.

However, when the password validation code for the AuthenticateToken
method in my custom UsernameTokenManager object runs
WindowsIdentity.GetCurrent().Name returns 'NT AUTHORITY\SYSTEM' and the
database says "Login failed for user 'DOMAIN\MACHINENAME$'"

This means that either the code in AuthenticateToken is ran using the
builtin machine user, or because the class was constructed before
aspnet_wp.exe switched users according to the <identity
impersonate="true" /> tag in the web.config.

As I see it, there are only a couple of options to fix this problem:
1) Add the machine user to the database (is this even possible?)
2) Change my db to mixed mode authentication (against MS's best
practises) and store the connection string somewhere

Are there any other options? What have other people done in this
situation? What is my best solution? I find it hard to believe that
I'm the only person using WSE to authenticate against SqlServer with
integrated security, yet I've never seen any documentation on the
subject nor discussion about it on the newsgroups.

I'm using Windows 2000/IIS 5.0/SQL Server 2000/.NET Framework 1.1 SP2

TIA,

Colin Svingen
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top