MultiTier IIS-SqlServer Login

[john]

How do I login to sqlserver using using integrated security in a multi tier
environment?

Can IIS pass my login details to Sql Server.

regards
John

[Scott Allen]

On Fri, 2 Aug 2002 13:52:20 +0100, "john" <jfl...@webdatabases.co.uk>
wrote:

>
>Can IIS pass my login details to Sql Server.
>

Yes, you can enable impersonation in the web.config file and the
ASP.NET code will execute with the identity of the client.

<configuration>
<system.web>
<identity impersonate="true" />
</system.web>
</configuration>

There are some gotchas to this approach, such as the probable loss of
connection pooling features, but maybe you already know this. Try
these URLs for more details:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconaspnetimpersonation.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconDatabaseSecurity.asp

--
Scott

[Willy Denoyette [MVP]]

Yes, but this requires Kerberos delegation to be configured correctly, that is:
1. All your clients are running W2K or higher and are a member of an W2K AD domain.
2. All client accounts (accessing SQL server) are trusted for delegation.
3. The IIS server machine account is trusted for delegation, and is not used as DC.
4. SQL server if configured correctly (see: Active Directory Integration in SQL Books on line).

Be aware that :
- doing this you aren't taking advantage of connection pooling in the middle tier.
- of the security implications by enabling the accounts to be delegated.

Willy.

"john" <jfl...@webdatabases.co.uk> wrote in message news:ubm52KiOCHA.2456@tkmsftngp13...

[john]

My machines are a mixed bunch.

Does this mean that I have to hard wire a login/password?

Regards

John

"Willy Denoyette [MVP]" <willy.d...@pandora.be> wrote in message
news:e$82GcvOCHA.2392@tkmsftngp04...