Hi,

I have added three parameters in my web.cong file as Profile (from line 79 to 86, below), in order to pass a message from one page to another. I got this error while running my application : Impossible d'établir une connexion à une base de données SQL Server. It means : Unable to connect to SQL server database.

I use vwd2008 in my client machine and SQL Server 2000 on the server.

Thank you for helping me 

Here is my web config :

1    
2    <!-- 
3        Remarque : au lieu d'éditer manuellement ce fichier, vous pouvez utiliser
4        l'outil d'administration Web pour configurer les paramètres de votre
5        application. Utilisez l'option Site Web->Configuration Asp.Net de Visual Studio.
6        Vous trouverez la liste complète des paramètres et commentaires dans 
7        machine.config.comments, situé généralement dans 
8        \Windows\Microsoft.Net\Framework\v2.x\Config 
9    -->
10   <configuration>
11   	<configSections>
12   		<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
13   			<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
14   				<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
15   				<sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
16   					<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/>
17   					<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
18   					<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
19   					<section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
20   				</sectionGroup>
21   			</sectionGroup>
22   		</sectionGroup>
23   	</configSections>
24   	<appSettings/>
25   	<connectionStrings>
26     <add name="ExpertelConnectionString" connectionString="Data Source=DBSERVER;Initial Catalog=Expertel;Integrated Security=True"
27      providerName="System.Data.SqlClient" />
28     </connectionStrings>
29   	<system.web>
30       <!-- 
31               Définissez compilation debug="true" pour insérer des symboles 
32               de débogage dans la page compilée. Comme ceci 
33               affecte les performances, définissez cette valeur à true uniquement 
34               lors du développement.
35           -->
36   		<trace enabled="true" pageOutput="true" />
37     <compilation debug="true">
38   			<assemblies>
39   				<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
40   				<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
41   				<add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
42   				<add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
43   			</assemblies>
44   		</compilation>
45   		<!--
46               La section <authentication> permet la configuration 
47               du mode d'authentification de sécurité utilisé par 
48               ASP.NET pour identifier un utilisateur entrant. 
49           -->
50   		<authentication mode="Windows"/>
51   		<!--
52               La section <customErrors> permet de configurer 
53               les actions à exécuter si/quand une erreur non gérée se produit 
54               lors de l'exécution d'une demande. Plus précisément, 
55               elle permet aux développeurs de configurer les pages d'erreur html 
56               pour qu'elles s'affichent à la place d'une trace de la pile d'erreur.
57   
58           <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
59               <error statusCode="403" redirect="NoAccess.htm" />
60               <error statusCode="404" redirect="FileNotFound.htm" />
61           </customErrors>
62           -->
63   		<pages>
64   			<controls>
65   				<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
66   				<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
67   			</controls>
68   		</pages>
69   		<httpHandlers>
70   			<remove verb="*" path="*.asmx"/>
71   			<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
72   			<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
73   			<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
74   		</httpHandlers>
75   		<httpModules>
76   			<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
77   		</httpModules>
78   
79       <anonymousIdentification enabled ="true"/>
80       <profile enabled="true">
81         <properties >
82           <add name="Message" allowAnonymous ="true"/>
83           <add name="MsgErreur" allowAnonymous ="true"/>
84           <add name="PageRetour" allowAnonymous ="true"/>
85         </properties>
86       </profile>
87     
88     </system.web>
89   	<system.codedom>
90   		<compilers>
91   			<compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
92   				<providerOption name="CompilerVersion" value="v3.5"/>
93   				<providerOption name="WarnAsError" value="false"/>
94   			</compiler>
95   			<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
96   				<providerOption name="CompilerVersion" value="v3.5"/>
97   				<providerOption name="OptionInfer" value="true"/>
98   				<providerOption name="WarnAsError" value="false"/>
99   			</compiler>
100  		</compilers>
101  	</system.codedom>
102  	<!-- 
103          La section system.webServer est requise pour exécuter ASP.NET AJAX sur Internet
104          Information Services 7.0.  Elle n'est pas nécessaire pour les versions précédentes d'IIS.
105      -->
106  	<system.webServer>
107  		<validation validateIntegratedModeConfiguration="false"/>
108  		<modules>
109  			<remove name="ScriptModule"/>
110  			<add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
111  		</modules>
112  		<handlers>
113  			<remove name="WebServiceHandlerFactory-Integrated"/>
114  			<remove name="ScriptHandlerFactory"/>
115  			<remove name="ScriptHandlerFactoryAppServices"/>
116  			<remove name="ScriptResource"/>
117  			<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
118  			<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
119  			<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
120  		</handlers>
121  	</system.webServer>
122  	<runtime>
123  		<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
124  			<dependentAssembly>
125  				<assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/>
126  				<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
127  			</dependentAssembly>
128  			<dependentAssembly>
129  				<assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/>
130  				<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
131  			</dependentAssembly>
132  		</assemblyBinding>
133  	</runtime>
134  </configuration>
135  

You are allowing anonymous access and utilizing integrated security with your connection string. Integrated means "use the credentials of the logged in user" but your users don't have credentials because they are anonymous.

So you need to ensure that the impersonated user account used to run the ASP.Net process (this is set up as the process identity in the application pool or using the <impersonate> tag in web.config) has been granted approrpiate SQL Server access to your database.

You need to open SQL Server Management Studio and create a "login" under the "security" folder for the account (identity) used to run the ASP.Net process.

I do not recommend using the default Network Service account for this, instead, use a more restrictive custom domain account.

Good luck.

try adding SQL connection string in provider tag of your profiler property...modify the code as below and try

 <profile enabled="true">
<providers>
<add name="ExpertelConnectionString" connectionString="Data Source=DBSERVER;Initial Catalog=Expertel;Integrated Security=True"
  providerName="System.Data.SqlClient" />
</providers>
81         <properties >
82           <add name="Message" allowAnonymous ="true"/>
83           <add name="MsgErreur" allowAnonymous ="true"/>
84           <add name="PageRetour" allowAnonymous ="true"/>
85         </properties>
86       </profile>

Hi all,

I trried adding the connection string in provider but I getting an error, the Type parameter in required. What's the type ? and if use this method how do I get the connection string in my c# code ?

Charles, how can I modify my web.cong file if I want users to be anonymous ?

Thanks a lot

you need to specify type for the properties eg. System.String etc...

And you also need to configure the profile provider in your web.config

check this: http://www.odetocode.com/Articles/440.aspx

ilearn:

Charles, how can I modify my web.cong file if I want users to be anonymous ?

There is no simple answer. This is sort of a catch-22 situation.

You must understand how security works between SQL and IIS and ASP.Net before you can make a decision.

I can't make a recommendation because I don't understand your specific needs.

There is no magic code for you to add to your web.config file to allow anonymous users to authenticate with your SQL server. You have to configure all parts of the puzzle to work together depending on what method you wish to authenticate with.

In other words, one method of authenticating with SQL isn't necessarily easier than another method. You have to configure SQL in either case.

So it really boils down to which method works for you.

If you choose to authenticate with SQL using Integrated security (like you have declared in the connection string in your code above), then at a minimum you must ensure the following:

1a) Your web application is running under a Process Identity (account) that is "safe" to you.  (Usually I create a new application pool for each web application and set the "identity" to a domain account that has no permissions anywhere but on the web server and SQL server). See this article for more on that

-or- 

1b) You can alternatively have an <identity> element specified in your web.config to specify a specific windows account and password to run the app under

2) Your SQL Server must have a Login created (Windows Authentication) for that "identity" and that SQL Login has to have adequate rights to access your database. See this article for more on that.

However, if your SQL Server is configured for "Mixed mode" then you can do the following:

1) Change your connection string so that the connection string contains a UserID and Password for the SQL Login to use when your app is establishing a connection to the database. If you specify the account in this way, you don't have to worry about "double hop" issues, "delegation" or what identity your application process is executing under.

2) Create a SQL Login (SQL Server Authentication) and apply adequate rights to access your database

Disclaimer: These are just two of many possibile scenarios. Without knowing all the little details about your situation, I'm unable to offer 100% solid advise as to what is the "best" method for you to use.

Good luck!