NT Authority/ANONYMOUS LOGIN problem, only wierder

M

Mike Hutton

Hi,

I have tried to keep things simple. Not simple enough, obviously.

I have a set of intranet ASP.NET pages which access a SQL back-end
through the normal SQLConnection stuff. I want to use peoples' NT
logons to user-stamp data changes made through the web-pages. So it
seemed obvious to use Windows authentication to access SQL
connections.

On my development box (running ASP.NET 1.1, with Anonymous Login
disabled and Windows authentication), my pages work fine.

I have copied all the files over to a development web server (did I
need to compile them on the web server? - I guessed not). This web
server has the same web site setup, with Anonymous Login disabled, and
Windows authentication.

On both boxes I have set impersonate="true" in the web.config.

The whole lot is using Windows 2000 (server on the test server), with
sp3. The SQL box is also W2k with sp3, and all are on the same
network.
If I start up the web pages from my development box, and access the
pages on the test server, I get access problems when opening SQL
connections:

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

Stack trace (for those who want to see it):
******************************************************************
[SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.]
System.Data.SqlClient.ConnectionPool.GetConnection(Boolean&
isInTransaction) +474
System.Data.SqlClient.SqlConnectionPoolManager.GetPooledConnection(SqlConnectionString
options, Boolean& isInTransaction) +372
System.Data.SqlClient.SqlConnection.Open() +384
BusinessPlans.Reference.GetSelectSQL(String p_ConnStr, String
p_SPName, String p_TableName, String p_ResultParamName) +66
BusinessPlans.Reference.PopulateDataGrids(Boolean p_ApplyMask,
Boolean p_AddNewItem) +521
BusinessPlans.Reference.ShowTable(Object sender, CommandEventArgs e)
+74
System.Web.UI.WebControls.LinkButton.OnCommand(CommandEventArgs e)
+110
System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String
eventArgument) +115
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
+138
System.Web.UI.Page.ProcessRequestMain() +1277
******************************************************************

BUT...

in the same session I have the following set up as well:

Authentication name=MyDomain\MyLogin,
Authentication type=NTLM
Authentication passed=True

I don't see what I'm doing wrong here.

BUT...

things get even wierder when I access the pages from the test server
itself. They all work OK, and if I immediately go back and try to
access them from my development box again, they work fine!

!!!!

What is going on? The errors return if I leave the connections for a
number of minutes (presumably because the connections/sessions
time-out), the errors return. Is it failing to set up a pooled
connection on the remote server (and if so, why?) or is it something
even more obscure?

Help!

Any help would be most gratefully received.

Mike.
 
B

bruce barker

this scenario will not work, as any search of this newsgroup will tell you.
you can not forward nt creditals. you have three choices

1) switch to a credital format that will forward, by using basic or digest
authentication.
2) put the sql server on the same box as the web server (no forwarding
required)
3) fill in the username and password in the web config, and pass in the user
credials though another method to the sqlserver.

for more details, google this newsgroup.

-- bruce (sqlwork.com)

Mike Hutton said:
Hi,

I have tried to keep things simple. Not simple enough, obviously.

I have a set of intranet ASP.NET pages which access a SQL back-end
through the normal SQLConnection stuff. I want to use peoples' NT
logons to user-stamp data changes made through the web-pages. So it
seemed obvious to use Windows authentication to access SQL
connections.

On my development box (running ASP.NET 1.1, with Anonymous Login
disabled and Windows authentication), my pages work fine.

I have copied all the files over to a development web server (did I
need to compile them on the web server? - I guessed not). This web
server has the same web site setup, with Anonymous Login disabled, and
Windows authentication.

On both boxes I have set impersonate="true" in the web.config.

The whole lot is using Windows 2000 (server on the test server), with
sp3. The SQL box is also W2k with sp3, and all are on the same
network.
If I start up the web pages from my development box, and access the
pages on the test server, I get access problems when opening SQL
connections:

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

Stack trace (for those who want to see it):
******************************************************************
[SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.]
System.Data.SqlClient.ConnectionPool.GetConnection(Boolean&
isInTransaction) +474
System.Data.SqlClient.SqlConnectionPoolManager.GetPooledConnection(SqlConnec
tionString
options, Boolean& isInTransaction) +372
System.Data.SqlClient.SqlConnection.Open() +384
BusinessPlans.Reference.GetSelectSQL(String p_ConnStr, String
p_SPName, String p_TableName, String p_ResultParamName) +66
BusinessPlans.Reference.PopulateDataGrids(Boolean p_ApplyMask,
Boolean p_AddNewItem) +521
BusinessPlans.Reference.ShowTable(Object sender, CommandEventArgs e)
+74
System.Web.UI.WebControls.LinkButton.OnCommand(CommandEventArgs e)
+110
System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.Rai
sePostBackEvent(String
eventArgument) +115
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
+138
System.Web.UI.Page.ProcessRequestMain() +1277
******************************************************************

BUT...

in the same session I have the following set up as well:

Authentication name=MyDomain\MyLogin,
Authentication type=NTLM
Authentication passed=True

I don't see what I'm doing wrong here.

BUT...

things get even wierder when I access the pages from the test server
itself. They all work OK, and if I immediately go back and try to
access them from my development box again, they work fine!

!!!!

What is going on? The errors return if I leave the connections for a
number of minutes (presumably because the connections/sessions
time-out), the errors return. Is it failing to set up a pooled
connection on the remote server (and if so, why?) or is it something
even more obscure?

Help!

Any help would be most gratefully received.

Mike.
 
K

Ken Witmyer

Actually, the scenario does work. I've been experiencing the exact
same problem. I spent a couple of hours last night reading through
various news group postings which all have different answers, though
none really seem to work consistently. I've gotta tell you that "any
search of this newsgroup" will not tell you that you can't forward NT
credentials. Some do, most don't. With that said, I do understand
forwarding of credentials to be impossible, but what Mike reported in
the original post is exactly what I've experienced so there's got to
be something else in play.

Mike, did you ever find a solution?

bruce barker said:
this scenario will not work, as any search of this newsgroup will tell you.
you can not forward nt creditals. you have three choices

1) switch to a credital format that will forward, by using basic or digest
authentication.
2) put the sql server on the same box as the web server (no forwarding
required)
3) fill in the username and password in the web config, and pass in the user
credials though another method to the sqlserver.

for more details, google this newsgroup.

-- bruce (sqlwork.com)

Mike Hutton said:
Hi,

I have tried to keep things simple. Not simple enough, obviously.

I have a set of intranet ASP.NET pages which access a SQL back-end
through the normal SQLConnection stuff. I want to use peoples' NT
logons to user-stamp data changes made through the web-pages. So it
seemed obvious to use Windows authentication to access SQL
connections.

On my development box (running ASP.NET 1.1, with Anonymous Login
disabled and Windows authentication), my pages work fine.

I have copied all the files over to a development web server (did I
need to compile them on the web server? - I guessed not). This web
server has the same web site setup, with Anonymous Login disabled, and
Windows authentication.

On both boxes I have set impersonate="true" in the web.config.

The whole lot is using Windows 2000 (server on the test server), with
sp3. The SQL box is also W2k with sp3, and all are on the same
network.
If I start up the web pages from my development box, and access the
pages on the test server, I get access problems when opening SQL
connections:

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

Stack trace (for those who want to see it):
******************************************************************
[SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.]
System.Data.SqlClient.ConnectionPool.GetConnection(Boolean&
isInTransaction) +474
System.Data.SqlClient.SqlConnectionPoolManager.GetPooledConnection(SqlConnec
tionString
options, Boolean& isInTransaction) +372
System.Data.SqlClient.SqlConnection.Open() +384
BusinessPlans.Reference.GetSelectSQL(String p_ConnStr, String
p_SPName, String p_TableName, String p_ResultParamName) +66
BusinessPlans.Reference.PopulateDataGrids(Boolean p_ApplyMask,
Boolean p_AddNewItem) +521
BusinessPlans.Reference.ShowTable(Object sender, CommandEventArgs e)
+74
System.Web.UI.WebControls.LinkButton.OnCommand(CommandEventArgs e)
+110
System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.Rai
sePostBackEvent(String
eventArgument) +115
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
+138
System.Web.UI.Page.ProcessRequestMain() +1277
******************************************************************

BUT...

in the same session I have the following set up as well:

Authentication name=MyDomain\MyLogin,
Authentication type=NTLM
Authentication passed=True

I don't see what I'm doing wrong here.

BUT...

things get even wierder when I access the pages from the test server
itself. They all work OK, and if I immediately go back and try to
access them from my development box again, they work fine!

!!!!

What is going on? The errors return if I leave the connections for a
number of minutes (presumably because the connections/sessions
time-out), the errors return. Is it failing to set up a pooled
connection on the remote server (and if so, why?) or is it something
even more obscure?

Help!

Any help would be most gratefully received.

Mike.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top