locked
ASP.NET web app deployment with windows auth and impersonation and database access : Need suggestion RRS feed

  • Question

  • User-226558482 posted

    Hello All,

    I am facing a issue. Please suggest workaround (solution) that requires less changes.

      I have a ASP.NET MVC website that is deployed on Windows Server 2008 R2. At IIS, Integrated Windows authentication and ASP.NET Impersonation is enabled. The application pool's Identity is set to a custom windows account.

    And configuration setting is as
    <identity impersonate="true"/>
    <authentication mode="Windows" />

      It was working as expected. Now I was making few enhancements that requires to access a common database (SQL 2008 R2) and using Integrated Security=SSPI . Application pool's Identity has access to the database.</div> </div> But here when we run the application, it tries to access the database with the account NT AUTHORITY\ANONYMOUS LOGON and fails. It works if asp.net impersonation is disabled because then it access the database with the account App Pool Identity. We cannot give the every user to have permission to access the database.</div> I cannot disable the Impersonation and want to access the database with App Pool Identity user or some other common user at max. We cannot use SQL authentication also.


    Any workaround that requires less changes.

    Thanks in advance

    Wednesday, July 17, 2013 12:36 PM

All replies

  • User-801004448 posted

    You can use SQL login instead of integrated security.

    SQL login makes it easier in case you need to move website to a different server or use remote database server.

    Friday, July 19, 2013 1:39 AM
  • User-226558482 posted

    I cannot use the SQL authenitcation as in our all the exisitng applications we use integrated security and we have special domain accounts to access the DB server and applications run on those accounts only

    Friday, July 19, 2013 11:35 AM