ASPNET and NETWORK SERVICE accounts hitting SQL Server

Discussion in 'ASP .Net Security' started by Jim Moon, Jun 30, 2004.

  1. Jim Moon

    Jim Moon Guest

    Hello.

    Running IIS 6 and ASP.NET, the only way an application can access SQL Server
    seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in
    the <identity> element within "web.config"). This is analagous to the
    "ASPNET" user for IIS 5 and ASP.NET.

    In a secure (SSL) web running in IIS 6, we're interested in getting from
    ASP.NET the behavior we get from ASP 3.0. When the ASP application logs
    onto the SQL Server database, it does so under the logon of the actual user.
    There does not appear to me to be a way to make this happen. And, as a
    result, we feel as though we have lost a layer of security--the security of
    the database.

    Any ideas or suggestions are welcome.

    Thanks,
    Jim
     
    Jim Moon, Jun 30, 2004
    #1
    1. Advertising

  2. Jim Moon

    Jim Moon Guest

    Inside
    <system.web>
    I added
    <identity impersonate="true" />

    It worked like a charm!

    Jim




    "Jim Moon" <jmoon()at()uab.edu> wrote in message
    news:%...
    > Hello.
    >
    > Running IIS 6 and ASP.NET, the only way an application can access SQL

    Server
    > seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in
    > the <identity> element within "web.config"). This is analagous to the
    > "ASPNET" user for IIS 5 and ASP.NET.
    >
    > In a secure (SSL) web running in IIS 6, we're interested in getting from
    > ASP.NET the behavior we get from ASP 3.0. When the ASP application logs
    > onto the SQL Server database, it does so under the logon of the actual

    user.
    > There does not appear to me to be a way to make this happen. And, as a
    > result, we feel as though we have lost a layer of security--the security

    of
    > the database.
    >
    > Any ideas or suggestions are welcome.
    >
    > Thanks,
    > Jim
    >
    >
     
    Jim Moon, Jun 30, 2004
    #2
    1. Advertising

  3. Jim Moon

    Jim Moon Guest

    Inside
    <system.web>
    I added
    <identity impersonate="true" />

    It works great!

    Jim



    "Jim Moon" <jmoon()at()uab.edu> wrote in message
    news:%...
    > Hello.
    >
    > Running IIS 6 and ASP.NET, the only way an application can access SQL

    Server
    > seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in
    > the <identity> element within "web.config"). This is analagous to the
    > "ASPNET" user for IIS 5 and ASP.NET.
    >
    > In a secure (SSL) web running in IIS 6, we're interested in getting from
    > ASP.NET the behavior we get from ASP 3.0. When the ASP application logs
    > onto the SQL Server database, it does so under the logon of the actual

    user.
    > There does not appear to me to be a way to make this happen. And, as a
    > result, we feel as though we have lost a layer of security--the security

    of
    > the database.
    >
    > Any ideas or suggestions are welcome.
    >
    > Thanks,
    > Jim
    >
    >
     
    Jim Moon, Jun 30, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Um9iIEM=?=
    Replies:
    0
    Views:
    584
    =?Utf-8?B?Um9iIEM=?=
    Apr 16, 2005
  2. HankD
    Replies:
    0
    Views:
    439
    HankD
    Jun 2, 2005
  3. pedestrian via DotNetMonster.com

    ASPNET (NETWORK SERVICE) identity cannot run SP that drop table

    pedestrian via DotNetMonster.com, Sep 17, 2007, in forum: ASP .Net
    Replies:
    6
    Views:
    461
    pedestrian via DotNetMonster.com
    Sep 20, 2007
  4. Oltmans
    Replies:
    9
    Views:
    401
    Juan T. Llibre
    Jul 13, 2009
  5. Bogdan Jokel
    Replies:
    0
    Views:
    811
    Bogdan Jokel
    Jan 15, 2010
Loading...

Share This Page