asp.net sql trusted connections between servers

From: Rob (rob_at_nospamforme.com)
Date: 10/21/05

  • Next message: S.M. Altaf [MVP]: "Re: Same Application with Web and Desktop Application Interface"
    Date: Fri, 21 Oct 2005 08:29:04 -0400
    
    

    So we have a client who doesn't want to run a Service Level Account
    (either via an Application Pool or IIS impersonation) and we need to
    connect to a remote SQL Server instance w/ Read-Write permissions. They
    don't want to do it that way due to the maintenance issues with
    passwords in multiple locations.

    We're using an OLE connection to SQL server and currently have the
    username and password obfuscated (not strong encryption) in the
    connection string in the web.config. Looking for a better alternative.

    We've looked into things such as described here:

    http://idunno.org/dotNet/trustedConnections.aspx

    This is a secured, internal app: Where I'm confused is why the standard
    Windows Authentication setting for access via IIS doesn't seem pass the
    users credentials to the SQL Server (even with impersonate=true in
    web.config). Ideally we just wanted to have read-write windows group and
    add users that way. The connection to SQL with impersonation and Windows
    Authentication remains either IIS or the Application Pool Identity?

    So, two questions:

    1. is this impersonation behavior with IIS and Windows Authentication
    documented anywhere (need to show them via a reliable source this
    doesn't work beyond the fact that its not working)

    2. Short of encrypting the user connection information in the registry
    (also a maintenance hassle) are there any other options?

    many thanks,

    Rob


  • Next message: S.M. Altaf [MVP]: "Re: Same Application with Web and Desktop Application Interface"