Web Service using Impersonation

Hi,

I currently have the following architecture:

On an internal network: I have a windows forms client connecting to a web service on another computer, all on the same network and domain. The web service is in-turn connecting to a SQL server database using windows integrated security (SSPI).

The problem: Windows integrated security is required throughout the whole architecture.

The web service can only run in one named user account and a password is required to do this i.e. using the following in the web.config file:

<identity impersonate="true" userName="MyDomainName\MyUsername" password="MyPassword"/>

How can I carry the credentials of ANY user on the client through to the database without providing a windows password from the outset?

Your suggestions are greatly appreciated.

Thanks in advance.

RK.
KaptainRADAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
gregoryyoungConnect With a Mentor Commented:
you could impersonate through code ...

http://www.netomatix.com/ImpersonateUser.aspx

little class in C# http://www.codeproject.com/useritems/ZetaImpersonator.asp

Cheers,

Greg
0
 
KaptainRADAuthor Commented:
Hi,

I managed to get it all working by enabling Kerberos on our network.
This meant allowing the connecting machines between the tiers and specified users to delegate credentials between them. (And setting the Web.config file to Impersonate=TRUE)

Regards.

KaptainRAD.
0
All Courses

From novice to tech pro — start learning today.