N
Nadav Popplewell
Hi everybody,
I've got a ASP.NET 2.0 WebService that need to connect to a SQL Server on
another machine.
I've setup the anonymous Account of the web application to an domain account
that has permissions to access the dbase,
and I've set
<identity impersonate="true" />
in the web.config file.
The connection to the dbase fails with error
"Login failed for user ''. The user is not associated with a trusted SQL
Server connection."
If I put the user and password of the domain account in the <identity ..>
element (SAME account as that defined as the annonymous account) then the
WebService Connects to the dbase.
I've debugged the WebService and checked
System.Security.Principal.WindowsIdentity.GetCurrent().
These are the properties of the WindowsIdentity:
No user/password:
AuthenticationType "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
ImpersonationLevel Delegation
Name "NI\\nadav_p"
with user/password:
AuthenticationType "Kerberos"
ImpersonationLevel Impersonation
Name "NI\\nadav_p"
I've tried reading about this, and as far as I can see delegation does not
work unless kerberos is used.
Is this right?
Has anybody got any ideas how I can connect to the dbase from my WebService
without writing my password in the web.config?
Thanks,
Nadav
I've got a ASP.NET 2.0 WebService that need to connect to a SQL Server on
another machine.
I've setup the anonymous Account of the web application to an domain account
that has permissions to access the dbase,
and I've set
<identity impersonate="true" />
in the web.config file.
The connection to the dbase fails with error
"Login failed for user ''. The user is not associated with a trusted SQL
Server connection."
If I put the user and password of the domain account in the <identity ..>
element (SAME account as that defined as the annonymous account) then the
WebService Connects to the dbase.
I've debugged the WebService and checked
System.Security.Principal.WindowsIdentity.GetCurrent().
These are the properties of the WindowsIdentity:
No user/password:
AuthenticationType "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
ImpersonationLevel Delegation
Name "NI\\nadav_p"
with user/password:
AuthenticationType "Kerberos"
ImpersonationLevel Impersonation
Name "NI\\nadav_p"
I've tried reading about this, and as far as I can see delegation does not
work unless kerberos is used.
Is this right?
Has anybody got any ideas how I can connect to the dbase from my WebService
without writing my password in the web.config?
Thanks,
Nadav