trusted sql server connection problem!?

[Brian Henry]

I an trying to connect to a sql server in asp.net with the sql connection
object, and every time i try to open the connection i get this


Server Error in '/' Application.
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection.

why am i getting this? and how do i get around it? I am logged into the
domain on the machine that the asp.net system is on, the sql server is a
seperate machine... vs.net can do a preview of the data and read it in
vs.net ide, and i can connect and retrieve data using the server explorer,
but when i do it programaticly it gives me that error... here is my
connection sub...


Private dbconnectionstring As String = "workstation id=DELL5100;packet
size=4096;integrated security=SSPI;data source=BENE-SQL;persist security
info=False;initial catalog=ReschIntranet"
Public dbconnection As New SqlClient.SqlConnection(dbconnectionstring)

 

[Cowboy \(Gregory A. Beamer\)]

As you are using integrated security, you will want to do one of the
following:

1. Assign the IUSR account rights to the database (bad idea, but easy)
2. Change to mixed mode security (better, and still quite easy)
3. Create a user account to access the SQL Server and have the data routines
assume that identity when calling the database (programming heavy)
4. Restrict the web app to accounts that have permission to use SQL Server
in your domain (will not work for Internet apps)

The IDE runs under your account, the web app runs under IUSR unless you
restrict it.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

**********************************************************************
Think Outside the Box!
**********************************************************************

 

[Greg]

confirm what account the web app is using to log into sql server. Its been
a while since I did any asp.net, but I recall this being an issue then and
we had to make sure the 'asp.net user' could log into sql server...or
something along those lines.

 

[Marina]

This is because during development, it is using your integrated security
authentication to connect to the database.

At run time, ASPNET is what's trying to connect, and it is not associated
with a trusted connection.

So you can either set up ASPNET as a user with rights, or just use a
username/password account and pass that in to sql server when trying to
connect.

 

[Jim Butler]

or what we do here, is switch the web site to run on itegrated security
(assuming working locally), then it will pass your credentials. also, you
will need to set the identity impersonate=true in the web.config.

jim

 

[Angel Saenz-Badillos[MS]]

Very nice description, in general Windows Authentication is better than
Mixed Mode for security reasons.

You should not be using ado.net for internet apps if you are concerned about
security, making your Server visible to the internet may not be the best
idea and users will be able to get the username/password you build into any
program you distribute.