Last post Oct 30, 2012 12:10 PM by newasp_user
Oct 23, 2012 08:19 PM|newasp_user|LINK
I am new to ASP.net, I build a web based tool to allow users to modify and insert data on a table. I set up both the IIS and SQL Server access to Windows Authentication. I also add a column that will register the user who modifed or inserted the data.
It works but when I publish it, I can see my user id on the website but when I tried to edit a column the Modified by field showed NT AUTHORITY\System. I also tried see if the IIS authentication pass through the SQL server by disabling my team mate's account
and let him modifed a column and it still let him.
I don't know much about C# coding so I thought to make it simple by letting the access control be on the SQL Server side. If the NT user is not added as as user on the SQL server, he should be able to edit or insert data.
Any help will be appreciated.
Oct 24, 2012 03:55 AM|christiandev|LINK
Are you trying to set the value in the field to be the user currently logged onto the system? if so, it might be better to just use the IPrincipal username, Page.User.Identity.Name and pass this into the insert/update as a param.
Oct 24, 2012 03:57 AM|kaushikmaheta|LINK
give database permision in sql server in iis user to access this database
Oct 24, 2012 12:33 PM|newasp_user|LINK
That is one thing I wanted to happen but the main one is for the IIS authentication to pass through the SQL server. I wanted to put the access control on the SQL Server where in if the user who access the tool is not registered as a user on the SQL database
will be denied of access.
Oct 24, 2012 12:35 PM|newasp_user|LINK
Can you please elaborate what you are suggesting here?
Oct 25, 2012 09:09 AM|christiandev|LINK
You may want to look at impersonation...
Oct 30, 2012 12:10 PM|newasp_user|LINK
Thanks for your help. I was able make it work by fixing the errors after enabling the impersonation and Windows authentication at the same time.