I
Ivan Samuelson
I have an ASP.NET application that accesses a DCOM object
on a remote server. I am using Windows Authentication to
allow users to have access to my ASP.NET application.
Then, the ASP.NET application will attempt to connect to
the DCOM object. However, connections to the DCOM object
will only be allowed to users whose NT Domain account
have been granted access to it. I have the web.config file set up as follows
<authentication mode="Windows" /><identity impersonate="true" /
I assumed that this would me that requests to the DCOM server should go out as the authenticated user. However, that doesn't seem to be the case as I keep getting a Access is Denied error whenever I attemp
to access the DCOM object. If I then change the identity element to include a valid domain account and password, it works
<identity impersonate="true" userName="somedomain\someuserid" password="password" /
I really do not want to hardcode a username and password into the web.config file. How can I make my ASP.NET application "pass off" the authenticated user to the DCOM server rather than attempting to access it as the ASPNET account? Is that even possible? I've tried even wrapping the call to the DCOM object inside code that is supposed to turn impersonation and that still results in an Access is Denied error
Any help would be appreciated
Thanks
on a remote server. I am using Windows Authentication to
allow users to have access to my ASP.NET application.
Then, the ASP.NET application will attempt to connect to
the DCOM object. However, connections to the DCOM object
will only be allowed to users whose NT Domain account
have been granted access to it. I have the web.config file set up as follows
<authentication mode="Windows" /><identity impersonate="true" /
I assumed that this would me that requests to the DCOM server should go out as the authenticated user. However, that doesn't seem to be the case as I keep getting a Access is Denied error whenever I attemp
to access the DCOM object. If I then change the identity element to include a valid domain account and password, it works
<identity impersonate="true" userName="somedomain\someuserid" password="password" /
I really do not want to hardcode a username and password into the web.config file. How can I make my ASP.NET application "pass off" the authenticated user to the DCOM server rather than attempting to access it as the ASPNET account? Is that even possible? I've tried even wrapping the call to the DCOM object inside code that is supposed to turn impersonation and that still results in an Access is Denied error
Any help would be appreciated
Thanks