Delegation/Basic Authentication - using browsers other than IE

From: Raterus (moc.liamtoh_at_suretar.reverse)
Date: 11/16/04 

Date: Tue, 16 Nov 2004 12:20:35 -0500

Hi,

I'd really like to see my intranet asp.net pages with other browsers, but I'm having a problem when it comes to connecting to SQL Server. My intranet site is configured with Integrated Windows Authentication & Basic Authentication; anonymous access is disabled. I only get these problems when I request a page that uses SQL Server, if the page is just a simple asp page, it works great. Let me run through what I'm doing.

I request a page that interfaces with SQL Server, since Integrated windows authentication won't work, it falls back on basic, I enter my credentials (yes I'm entering the right ones!), but get hit with these kind of errors.
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Incidentally, I have already configured delegation on this webserver, and it works perfectly with Internet Explorer/Integrated Windows Authentication. I would think this would be even easier with another browser/basic authentication, since I have to enter my credentials, that should create a primary authentication token on the server for it to use, right?

My question is, why is my webserver trying to pass "NT AUTHORITY\anonymous logon" on to SQL Server? Both my webserver and my domain account are "Trusted for Delegation"

I've done a little detective work and determined that if I turn off Integrated Windows Authentication, it works like I want it too, unfortunately I can't do this since everyone else uses IE. It's almost as if IIS is not completely falling back onto Basic Authentication. Can someone help me out here!

Thanks for any help!
--Michael

Relevant Pages

  • IIS and SQL Server on diff computers
    ... we have this issue that when i use Integrated Windows Authentication, ... it seems the user's credentials are not being passed on to the sql server ...
    (microsoft.public.inetserver.iis)
  • Re: IIS and SQL Server on diff computers
    ... >we have this issue that when i use Integrated Windows Authentication, ... >it seems the user's credentials are not being passed on to the sql server ... Paul Lynch ...
    (microsoft.public.inetserver.iis)
  • Re: Balancing security needs in ADO.NET applications
    ... See my article http://www.developer.com/db/article.php/3693236 that shows how to put together a hierarchical TableAdapter using SPs. ... Hitchhiker's Guide to Visual Studio and SQL Server ... SQL Server credentials or the application's logon/pw. ... all they can do is run specific SPs that carefully guard the data and do not permit gross operations like dropping tables or changing rights. ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Windows authentication and availability
    ... We are currently deploying an ASP.Net intranet application to our WAN. ... application uses integrated Windows authentication. ... If the local domain controller fails, will post-backs fail because of our ... Each time we query the user’s credentials, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Login failed for user . The user is not associated with a trusted SQL Server connection.
    ... he never mentioned he is impersonating in asp.net - so no delegation needed. ... Cassini runs with the credentials of the interactive user - which seems to have access to sql - in contrast to the local ASPNET account - which i am trying to tell him since 2 days.... ... yes - use explicit credentials and enable mixed mode auth in sql server to get this to work. ...
    (microsoft.public.dotnet.security)