Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Issue with Identity Impersonation and user identity used passed for trusted SQL connection.

Reply
Thread Tools

Issue with Identity Impersonation and user identity used passed for trusted SQL connection.

 
 
Frederick D'hont
Guest
Posts: n/a
 
      07-25-2005
Hi all





First of all I will start with explaining the situation:

1) In the web config impersonation is configured as the following:
<identity impersonate="true" userName="registry:HKLM\Software\myASP.NET\Identit y\ASPNET_SETREG,userName" password="registry:HKLM\Software\myASP.NET\Identit y\ASPNET_SETREG,password" />
This method of impersonation is described on the next page : http://support.microsoft.com/default...b;en-us;329290

2) Somewere else in the web config the applications connection string is configured as follows

<add key="connectionString" value="server=localhost;Integrated Security=SSPI;database=somedatabase;" />

3) In the application there exists a page which contains 2 Iframes which in their turn contain 2 pages which are part of the same web application.

problem

These 2 other pages that run in those iframes both click of Session_Start in the Global.asax whenever they are called. In the Session_start there is a check on application security. The only user aloud to access the database is the one configured in the web.config impersonation. The strange behaviour that I encounter is that one of both pages uses the "MACHINE\ASPNET" account as trusted connection account to the sql server and the other uses the configured one in the web.config. Which of pages that generates the error is completely random. And on some occasions the error doesn't occur.

Generaly using Iframes isn't they way you want to build a solid application, but sometimes time limits and sudden customer requirments does not allow refactoring. The story of our lives

Anyone who has any idea how to fix this issue.



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP.NET 2.0 Impersonation of fixed identity - truncation of identity JimLad ASP .Net 0 01-16-2009 10:42 AM
identity impersonate=true masks the identity of the app pool for trusted sql connections Popezilla ASP .Net Security 2 03-18-2007 03:39 AM
Error:Login failed for user ''. The user is not associated with a trusted SQL Server connection. CFTK ASP .Net 5 01-09-2007 10:51 AM
Login failed for user ''. The user is not associated with a trusted SQL Server connection. Dennis ASP .Net 0 06-26-2006 03:55 PM
Difference between HttpContext.Current.User.Identity and identity Impersonation Giovanni Bassi ASP .Net 0 10-20-2003 02:25 PM



Advertisments