Re: Login failed for user '(null)'.
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 22 Sep 2006 23:24:49 -0500
Unfortunately, your analysis here is most likely wrong. There is nothing
really different between how .NET 1.1 and 2.0 attempt to establish an
authenticated connection with SQL server. If you use a connection string
that uses Windows authentication in both cases, then the authenticated
connection will attempt to be established based on the security token that
is being used to execute the current thread at the time the code is called.
That will either be the security token of the process, or the security token
of some impersonated identity.
Whether or not the remote service accepts the authentication from client
(the web server in this case) depends on whether there is a trust
relationship between the account being authenticated and the remote service
and whether or not the identity being authenticated is being delegated by
the intermediate service (and whether delegation is allowed and configured).
You can discover whether you are getting an apples to apples comparison here
by determining first whether the current security context in both web
applications is the same account. Check
System.Security.Principal.WindowsIdentity.GetCurrent().Name. If they are
both the same and one can authenticate to the remote SQL server but the
other can't, it is almost certainly because one web application can do
Kerberos delegation and the other one can't. If they aren't the same
account (one is the authenticated user and one is the web server process
account), then you aren't comparing the same thing.
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
"PolarBears" <PolarBears@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
I've been away from this issue for a while, with other things. Here's an
interesting twist that may shed some light. Again, let me set it up. SQL
Server 2000 is on one machine with the database in question. Web Server
on a second machine.
Approaching from a different direction, I tried this. Using Visual Studio
Tools for Office 2005, I created two buttons and two datagrids. The first
datagrid accesses file "X" via a .NET 1.1 Web Service. The second
accesses the same file "X" via a .NET 2.0 Web Service. The web services
on the same machine.
Visual Studio Tools for Office 2005 is running on .NET 2.0. Now, here's
interesting part, when I click the button to load the data from the .NET
Web Service, everything loads fine. Duplicated the same process with the
.NET 2.0 Web Service, Login failed for User "Null". This tells me this is
probably something specific to .NET 2.0 and not SQL Server or the Web
else it wouldn't work with .NET 1.1.
- Prev by Date: Re: Changing Active Directory Password from ASP.Net Web Page
- Next by Date: Re: ASP.Net site from network share
- Previous by thread: Re: Changing Active Directory Password from ASP.Net Web Page
- Next by thread: Re: ASP.Net site from network share