Integrated Security Problems with ADO 2.8
From: Steve Newbery (newbesj_at_chevrontexaco.com)
Date: 15 Jul 2004 02:09:49 -0700
We have a couple of Intranet web applications that use Office Web
Components, and logon is done using integrated security set to SSPI.
Our users have "Automatic logon only in Intranet zone" specified in
Zone 2 in their Internet Settings, and this worked fine and dandy -
until we installed MDAC 2.8.
Now the users get the security warning "This website is using your
identity to access a data source ...", and I'm having difficulty in
supressing that prompt. So far, the only way I found is to change the
logon setting in zone 2 (Local Intranet Zone) to "Automatically logon
with current username and password".
1. How come "Automatic logon only in Intranet zone" does not work
anymore in zone 2? Is this a bug or a design feature. It seems
illogical to me.
2. What implications for security are there in changing the logon
setting in zone 2? The problem is that users here can't change their
settings, so it would be a lot of work to apply the change - and we
might not het approval to do so.