Re: Integrated Authentication
- From: Scott Allen <scott@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 13 Dec 2005 11:21:36 -0500
>
>The error was simple to solve, but what suprised me was the userid that was
>used. I was logged in as Administrator but the error revealed that the userid
>ASPNET was actually being passed to the DB.
The connection is established from the ASP.NET worker process, which
runs under the ASPNET account. If you turn on impersonation in
web.config, then the runtime can establish a connection with the
client's identity that comes in from IE (your Administrator account).
The catch would be if you ever move the app into a distributed
envionment, impersonation breaks. Credentials can only make a single
hop across the network unless you move to 'the next level' of
credential forwarding - which is delegation.
Some resources:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000023.asp
http://odetocode.com/Blogs/scott/archive/2005/02/24/1053.aspx
--
Scott
http://www.OdeToCode.com/blogs/scott/
.
- Prev by Date: Re: TreeView and Master Pages
- Next by Date: Implementing SEND THIS PAGE
- Previous by thread: Re: How to retrive and process information from other web pages withou
- Next by thread: Implementing SEND THIS PAGE
- Index(es):
Relevant Pages
|
