Authentication and impersonation

E

Eric

I setup a intranet application based on windows integrated
authentication .


windows integrated authentication checked in IIS
and anonymous access unchecked.


i have used impersonation in my web config file
<identity impersonate="true" >
<authorization>
<allow roles="mydomain\group_a"/>
<deny users="*/>
</authorization>


a User A belongs to group_a but not to group_b


group_b is a group that i have added to SQL server in order to set
permissions on data.


i'm using a trusted connection to the SQL database throught a
webservice.


when i try to access the application in my browser with user A , as A
is member of the group_a , his access is granted to the page but he can
also access data in the database although he doesn't belong to group_b
configured in SQL server to access data.this user A doesn't belong to
any other group and has no login in SQL as well.


Why does this user have access to data although he has neither login
nor belongs to any groups that have access to sql server?


if we are using impersonation=true without any username and login
specified it's normally the authenticated user token that is used to
check the access to SQL server or did i missunderstood the mecanism?


if some could tell me what i did wrong , i would be very grateful.


Thank in advance for any help.


Eric
 
T

Tasos Vogiatzoglou

Most probably user_A is member of a group that has permissions on the
SQL Server. Check the groups that have access to SQL server including
the local machine security groups.

user_A may be a member of the local administrators group.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,904
Latest member
HealthyVisionsCBDPrice

Latest Threads

Top