Impersonation headaches

Discussion in 'ASP .Net' started by Stephajn Craig, Dec 16, 2003.

  1. I'm developing an ASP.NET app on a Windows 2003 Server. My ASP.NET app is
    using Windows Authentication and in IIS I have disabled Anonymous Access,
    and enabled digest authentication. In my Web.Config file I have put this
    line:

    <identity impersonate="true" />

    My ASP.NET app calls on a SQL Server database that is on a different
    machine. I can tell that the ASP.NET engine is picking up my domain
    username as being the authenticated user by using this line:

    Dim username As String =
    System.Security.Principal.WindowsIdentity.GetCurrent().Name

    However, when the call to the database is made, I get this error:

    Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

    What am I missing here? why is the call to the database going through as
    that and not my domain account? My connection string to the database looks
    like this:

    data source=SOMESERVER;Initial Catalog=SOMEDATABASE;Integrated
    Security=SSPI;

    Any help would REALLY be appreciated.

    --
    Stephajn Craig
     
    Stephajn Craig, Dec 16, 2003
    #1
    1. Advertising

  2. There are several levels of Impersonation
    You can look up article in MSDN with the title "Client Impersonation and
    Delegation "

    What you looking for is delegation level.

    I am not sure how ASO.NET works but it might give you a clue.

    George.

    "Stephajn Craig" <> wrote in message
    news:%...
    > I'm developing an ASP.NET app on a Windows 2003 Server. My ASP.NET app is
    > using Windows Authentication and in IIS I have disabled Anonymous Access,
    > and enabled digest authentication. In my Web.Config file I have put this
    > line:
    >
    > <identity impersonate="true" />
    >
    > My ASP.NET app calls on a SQL Server database that is on a different
    > machine. I can tell that the ASP.NET engine is picking up my domain
    > username as being the authenticated user by using this line:
    >
    > Dim username As String =
    > System.Security.Principal.WindowsIdentity.GetCurrent().Name
    >
    > However, when the call to the database is made, I get this error:
    >
    > Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
    >
    > What am I missing here? why is the call to the database going through as
    > that and not my domain account? My connection string to the database

    looks
    > like this:
    >
    > data source=SOMESERVER;Initial Catalog=SOMEDATABASE;Integrated
    > Security=SSPI;
    >
    > Any help would REALLY be appreciated.
    >
    > --
    > Stephajn Craig
    >
    >
     
    George Ter-Saakov, Dec 16, 2003
    #2
    1. Advertising

  3. Stephajn Craig

    bruce barker Guest

    this setup will not work, as you can not forward nt creditals from the
    webserver to the sqlserver (unless the browser is running on the webserver -
    like on your dev box). this only works with basic and digest authentication.

    there are plenty of posts on the details (google this newsgroup).

    -- bruce (sqlwork.com)





    "Stephajn Craig" <> wrote in message
    news:#...
    > I'm developing an ASP.NET app on a Windows 2003 Server. My ASP.NET app is
    > using Windows Authentication and in IIS I have disabled Anonymous Access,
    > and enabled digest authentication. In my Web.Config file I have put this
    > line:
    >
    > <identity impersonate="true" />
    >
    > My ASP.NET app calls on a SQL Server database that is on a different
    > machine. I can tell that the ASP.NET engine is picking up my domain
    > username as being the authenticated user by using this line:
    >
    > Dim username As String =
    > System.Security.Principal.WindowsIdentity.GetCurrent().Name
    >
    > However, when the call to the database is made, I get this error:
    >
    > Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
    >
    > What am I missing here? why is the call to the database going through as
    > that and not my domain account? My connection string to the database

    looks
    > like this:
    >
    > data source=SOMESERVER;Initial Catalog=SOMEDATABASE;Integrated
    > Security=SSPI;
    >
    > Any help would REALLY be appreciated.
    >
    > --
    > Stephajn Craig
    >
    >
     
    bruce barker, Dec 17, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dano

    Oh those Transaction Headaches!

    Dano, Nov 17, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    1,652
    bruce barker
    Nov 17, 2003
  2. Eric
    Replies:
    5
    Views:
    907
  3. Alex Greenberg

    Publish Web Site Headaches

    Alex Greenberg, Jan 29, 2006, in forum: ASP .Net
    Replies:
    9
    Views:
    572
    gerry
    Jan 31, 2006
  4. D. Shane Fowlkes

    repost: headaches with formatting in VWD

    D. Shane Fowlkes, Mar 16, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    402
    Juan T. Llibre
    Mar 17, 2006
  5. Replies:
    2
    Views:
    190
Loading...

Share This Page