NetworkCredential of Current User?

[bdwise]

I have a console application that uses NetworkCredential to send
username/password to an ASP.NET app (Windows Integrated
authentication). Instead of hand-coding the username and password, I
would like to pass the credentials of the currently-logged on person
to the web server, just like IE does automatically with a "trusted
zone" setting.

How to pass the current user credentials in a web request?

Thanks.

 

[alien2_51]

You should be able to do this with impersonation... Try adding <identity
impersonate="true"/> to the app.config file and to the web.config of the
asp.net app you are making the request to. If your trying to daisy chain
your authentication mechanism you'll have to use kerberos because NTLM only
supports one network hop.

example: you have a astandard asp.net app with a sql backend, you want to
use integrated security to pass the user credential all the way to the
database. asp.net will have to impersonate the user, iis authenticates the
user against the domain controller and must delegate on behalf of the user
to access the database at this point if you are using NTLM this will fail
because NTLM supports only one network hop which was spent between the
browser and the web server.. if you run the browser directly on the web
server this will work because the only network hop is between the web server
and database...

 

[Anders Borum]

Passing the users' credentials to the SQL Server is a pretty bad idea. This
has the sideeffect of creating a connection pool for each logged on user, as
the user credentials are now becoming a part of the connection string.

This is a killer in terms of scaleability.