In our webforms app we presently have our database username/password information directly in the connection string in the web.config file. We want to change this and begin using Integrated Security so we changed the connection string to look like this:
While this works fine when a person logs in as themselves, the database connection fails when we attempt to login using the username/password of any of our test accounts. It fails because instead of using the Windows account credentials, it is using
the credentials of the account information input into the login form.
What do we have to do so that regardless of what information is input into the login form, the database will use the Windows account credentials? Only the database though because the app itself needs to be able to recognize the username/password information
input into the form due to permission levels.
So my understanding is that you you have <identity impersonate="true"/> somewhere which runs the app under the authenticated user account. If you disable that it should run under the account your configured for the application pool (which seems what you want).
So my understanding is that you you have <identity impersonate="true"/> somewhere which runs the app under the authenticated user account. If you disable that it should run under the
account your configured for the application pool (which seems what you want).
Thank you for the response. We tried that and while setting it to false does allow access to the database using the Windows account credentials, it also logs us into the app itself using those credentials. What I need to figure out is how to keep them separate
so that it logs into the database using the Windows account credentials but logs into the app itself using the information from the login form.
My guess is that for now you are using a method that returns the account under which the code runs (which is more likely why you needed to enable impersonation).
Instead make sure to use System.Web.HttpContext.Current.User.Identity.Name. It should always return the authenticated user and regardless of which authentication method is used.
Member
7 Points
33 Posts
How to use Windows account credentials instead of web form login credentials to access DB
Jan 29, 2019 05:38 PM|jhackney01|LINK
In our webforms app we presently have our database username/password information directly in the connection string in the web.config file. We want to change this and begin using Integrated Security so we changed the connection string to look like this:
<add name="LocalSqlServer" connectionString="Data Source=xxx;Persist Security Info=True;Initial Catalog=xxx;Integrated Security=true" providerName="System.Data.SqlClient" />
While this works fine when a person logs in as themselves, the database connection fails when we attempt to login using the username/password of any of our test accounts. It fails because instead of using the Windows account credentials, it is using the credentials of the account information input into the login form.
What do we have to do so that regardless of what information is input into the login form, the database will use the Windows account credentials? Only the database though because the app itself needs to be able to recognize the username/password information input into the form due to permission levels.
All-Star
46260 Points
16905 Posts
Re: How to use Windows account credentials instead of web form login credentials to access DB
Jan 29, 2019 05:50 PM|PatriceSc|LINK
Hi,
So my understanding is that you you have <identity impersonate="true"/> somewhere which runs the app under the authenticated user account. If you disable that it should run under the account your configured for the application pool (which seems what you want).
Member
7 Points
33 Posts
Re: How to use Windows account credentials instead of web form login credentials to access DB
Jan 29, 2019 06:23 PM|jhackney01|LINK
Thank you for the response. We tried that and while setting it to false does allow access to the database using the Windows account credentials, it also logs us into the app itself using those credentials. What I need to figure out is how to keep them separate so that it logs into the database using the Windows account credentials but logs into the app itself using the information from the login form.
All-Star
46260 Points
16905 Posts
Re: How to use Windows account credentials instead of web form login credentials to access DB
Jan 29, 2019 06:35 PM|PatriceSc|LINK
My guess is that for now you are using a method that returns the account under which the code runs (which is more likely why you needed to enable impersonation).
Instead make sure to use System.Web.HttpContext.Current.User.Identity.Name. It should always return the authenticated user and regardless of which authentication method is used.
Member
7 Points
33 Posts
Re: How to use Windows account credentials instead of web form login credentials to access DB
Jan 29, 2019 07:29 PM|jhackney01|LINK
I'll look for it. Thank you.