Issue with Identity Impersonation and user identity passed for trusted SQL connection.

Discussion in 'ASP .Net Security' started by Frederick D'hont, Jul 25, 2005.

  1. Hi all,

    First of all I will start with explaining the situation:

    1) In the web.config, impersonation is configured as follows:
    <identity impersonate="true" userName="registry:HKLM\Software\myASP.NET\Identity\ASPNET_SETREG,userName" password="registry:HKLM\Software\myASP.NET\Identity\ASPNET_SETREG,password" />
    This method of impersonation is described on the following page: http://support.microsoft.com/default.aspx?scid=kb;en-us;329290

    2) Somewhere else in the web.config, the application's connection string is configured as follows:

    <add key="connectionString" value="server=localhost;Integrated Security=SSPI;database=somedatabase;" />

    3) In the application there exists a page which contains 2 Iframes which in their turn contain 2 pages which are part of the same web application.

    Problem

    These 2 other pages that run in those iframes both kick off Session_Start in the Global.asax whenever they are called. In Session_Start there is a check on application security. The only user allowed to access the database is the one configured in the web.config impersonation. The strange behaviour that I encounter is that one of the two pages uses the "MACHINE\ASPNET" account as the trusted connection account to the SQL Server and the other uses the one configured in the web.config. Which of the pages generates the error is completely random. And on some occasions the error doesn't occur.

    Generally, using iframes isn't the way you want to build a solid application, but sometimes time limits and sudden customer requirements do not allow refactoring. The story of our lives :p

    Does anyone have any idea how to fix this issue?
     
    Frederick D'hont, Jul 25, 2005
    #1
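
One way to record which Windows identity is in effect each time Session_Start runs, so the two iframe requests can be told apart in the log. This is an added example, not code from the original post. The appSettings key "expectedDbAccount" is hypothetical, and the code assumes .NET Framework 2.0 or later.

```csharp
// Global.asax.cs (added diagnostic example, not the poster's code)
using System;
using System.Configuration;
using System.Security.Principal;
using System.Threading;
using System.Web;

public class Global : HttpApplication
{
    // Hypothetical appSettings key holding the account name that the
    // <identity impersonate="true" ...> element is expected to produce.
    private const string ExpectedAccountKey = "expectedDbAccount";

    protected void Session_Start(object sender, EventArgs e)
    {
        string expected = ConfigurationManager.AppSettings[ExpectedAccountKey];

        // WindowsIdentity.GetCurrent() returns the thread token when the thread
        // is impersonating and the process token otherwise. A connection opened
        // with Integrated Security=SSPI from this thread authenticates to
        // SQL Server as that same account.
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
        {
            bool matches = string.Equals(
                current.Name, expected, StringComparison.OrdinalIgnoreCase);

            // One line per session start: which page, which session, which
            // thread, and which account the trusted connection would use.
            System.Diagnostics.Trace.WriteLine(string.Format(
                "Session_Start url={0} session={1} thread={2} identity={3} level={4} match={5}",
                Request.RawUrl, Session.SessionID,
                Thread.CurrentThread.ManagedThreadId,
                current.Name, current.ImpersonationLevel, matches));

            if (!matches)
            {
                // Fail closed: stop before any trusted connection is opened
                // under an account other than the configured one.
                throw new InvalidOperationException(
                    "Unexpected Windows identity in Session_Start: " + current.Name);
            }
        }
    }
}
```

The trace lines only appear if a trace listener is configured for the application; comparing the url, thread and identity fields across the two iframe requests shows which request ran without the impersonated token.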