I am facing a issue. Please suggest workaround (solution) that requires less changes.
I have a ASP.NET MVC website that is deployed on Windows Server 2008 R2. At IIS, Integrated Windows authentication and
ASP.NET Impersonation is enabled. The application pool's Identity is set to a custom windows account.
And configuration setting is as
<identity impersonate="true"/>
<authentication mode="Windows" />
It was working as expected. Now I was making few enhancements that requires to access a common database (SQL 2008 R2) and using Integrated Security=SSPI . Application pool's Identity has access to the database.</div> </div> But here when we run the application,
it tries to access the database with the account NT AUTHORITY\ANONYMOUS LOGON and fails. It works if
asp.net impersonation is disabled because then it access the database with the account App Pool Identity. We cannot give the every user to have permission to access the database.</div> I cannot disable the Impersonation
and want to access the database with App Pool Identity user or some other common user at max. We cannot use SQL authentication also.
I cannot use the SQL authenitcation as in our all the exisitng applications we use integrated security and we have special domain accounts to access the DB server and applications run on those accounts only
Member
330 Points
4 Posts
ASP.NET web app deployment with windows auth and impersonation and database access : Need suggest...
Jul 17, 2013 12:36 PM|Brij1|LINK
Hello All,
I am facing a issue. Please suggest workaround (solution) that requires less changes.
I have a ASP.NET MVC website that is deployed on Windows Server 2008 R2. At IIS, Integrated Windows authentication and ASP.NET Impersonation is enabled. The application pool's Identity is set to a custom windows account.
And configuration setting is as
<identity impersonate="true"/>
<authentication mode="Windows" />
It was working as expected. Now I was making few enhancements that requires to access a common database (SQL 2008 R2) and using Integrated Security=SSPI . Application pool's Identity has access to the database.</div> </div> But here when we run the application, it tries to access the database with the account NT AUTHORITY\ANONYMOUS LOGON and fails. It works if asp.net impersonation is disabled because then it access the database with the account App Pool Identity. We cannot give the every user to have permission to access the database.</div> I cannot disable the Impersonation and want to access the database with App Pool Identity user or some other common user at max. We cannot use SQL authentication also.
Any workaround that requires less changes.
Thanks in advance
asp.netiissqlserver
Brij
Contributor
3390 Points
1079 Posts
Re: ASP.NET web app deployment with windows auth and impersonation and database access : Need sug...
Jul 19, 2013 01:39 AM|kctt|LINK
You can use SQL login instead of integrated security.
SQL login makes it easier in case you need to move website to a different server or use remote database server.
asp.netiissqlserver
Member
330 Points
4 Posts
Re: ASP.NET web app deployment with windows auth and impersonation and database access : Need sug...
Jul 19, 2013 11:35 AM|Brij1|LINK
I cannot use the SQL authenitcation as in our all the exisitng applications we use integrated security and we have special domain accounts to access the DB server and applications run on those accounts only
asp.netiissqlserver
Brij