IIS 7 and WindowsIdentity



Hej,

I have a website where the IIS is setup to use "Windows Authentication".

The website connects to oracle using the following connection string:
<add key="Main.ConnectionString" value="data source=DATABASE;user
id=/;"/>

Running the website, WindowsIdentity return the user added to the
application-pool associated with the website. Thread.CurrentPrincipal return
the user currently accessing the website.

I want OracleConnection to use the identity of the user currently using the
website (here Thread.CurrentPrincipal), but this is not what happens. The
oracle component use the user-account added to the Application Pool (here
found in WindowsIdentity).

There must be a way to do this, but i don't know how to configure the IIS to
use the identity from current user...

Thank you in advance.
BR
Peter


.



Relevant Pages

  • Re: oracle VA/PT
    ... You can get OAT (oracle auditing tool) at cqure.net ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • RE: oracle VA/PT
    ... OAT is another good one for Oracle checks ... Absinthe is for SQL injection- ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • Re: Resourceful Link for Oracle
    ... Galen Boyer wrote: ... Directing a poster to a helpful website in response to a question is ... I have been teaching Oracle at the University of Washington for 6 years ...
    (comp.databases.oracle.misc)
  • RE: oracle VA/PT
    ... Absinthe is for SQL injection- ... MetaCoretex will do the Oracle checks. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • Re: Oracle AUTH_PASSWORD string
    ... The Oracle Security Handbook by Oracle Press has a good section on the ... random number with the user's password hash. ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
    (Pen-Test)