windows authentication to SQL Server

  • Thread starter: Mark

Mark

Is there a way to use ASP.NET's windows authentication so that the user that
is using our web page is the user that is connected to our SQL Server? This
will allow us to leverage our domain roles/groups. Our connection string is
below.

The options I've found so far I don't like:
1. Impersonation - sql server permissions would be granted to this single
account.
2. Granting rights to the ASP.NET user account on our SQL Server - sql
server permissions would be granted to this account.

In both cases, we could pass the name as a parameter so we can audit the
activity, but we'd really like our sql server security to be based on our
windows logins - not the rights of some other account like the impersonated
account or the ASP.NET account.

Suggestions? Thanks in advance!
Mark
 
Use impersonation and disable anonymous authentication (in IIS.)
Also in IIS make sure integrated windows authentication is checked.
This way it should run under the user's account.
 
Interesting. I will try this out, but your first sentence strikes me as
non-intuitive. Impersonation (to me) means that you're going to use an
account other than the one that is currently logged in. For example, if I
enter the impersonation information (see below) into the web.config, how do
I make it use the current user's account, rather than some specific account?
Is there an alternative syntax?

<authentication mode="Windows" />
<identity impersonate="true" userName="domain\username"
password="password"/>

Thanks Steve.
Mark
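
Added example, not part of the original thread: a C# check that reports which identity actually reaches SQL Server when web.config uses `<identity impersonate="true" />` with no userName or password, the form that impersonates the IIS-authenticated caller. The class name, server name and database name are assumptions.

```csharp
// Assumed web.config settings (anonymous access disabled in IIS,
// integrated Windows authentication enabled):
//   <authentication mode="Windows" />
//   <identity impersonate="true" />  <!-- no userName/password: run as the caller -->
using System;
using System.Data.SqlClient;
using System.Security.Principal;
using System.Web;

public static class SqlIdentityCheck   // hypothetical helper, not from the thread
{
    // Hypothetical server and database names. Integrated Security makes SQL Server
    // authenticate the Windows identity the current thread is running as, so no
    // account name or password appears in the connection string.
    private const string ConnectionString =
        "Data Source=SQLHOST;Initial Catalog=AppDb;Integrated Security=SSPI;";

    public static string Describe(HttpContext context)
    {
        string browserUser = context.User.Identity.Name;        // who IIS authenticated
        string threadUser = WindowsIdentity.GetCurrent().Name;  // who the code runs as

        string sqlLogin;
        using (var conn = new SqlConnection(ConnectionString))
        using (var cmd = new SqlCommand("SELECT SUSER_SNAME()", conn))
        {
            conn.Open();
            sqlLogin = (string)cmd.ExecuteScalar();             // login SQL Server sees
        }

        // With impersonation of the caller working end to end, all three names match.
        // A service or fixed account in threadUser or sqlLogin means SQL Server
        // permissions are being evaluated against that account, not the user.
        bool endToEnd =
            string.Equals(browserUser, threadUser, StringComparison.OrdinalIgnoreCase) &&
            string.Equals(browserUser, sqlLogin, StringComparison.OrdinalIgnoreCase);

        return string.Format(
            "IIS user: {0}; thread identity: {1}; SQL login: {2}; end-to-end: {3}",
            browserUser, threadUser, sqlLogin, endToEnd);
    }
}
```

If SQL Server runs on a different machine than IIS, the impersonated credentials must also be delegated (Kerberos delegation), otherwise the connection does not arrive as the user. ADO.NET pools integrated-security connections per Windows identity, so each distinct user gets a separate pool.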
 