Solved

how do I use the windows user in a webservice?

Posted on 2008-06-23
3
169 Views
Last Modified: 2010-04-15
I have a project with a webserice.  I was using a hardcoded username in my connection string.  My tables in my db have a createdby and modified by field.  I don't pass them in, since the default value is (suser_sname()).  Basically it would fill in the username for me.  It worked on my dev machine, but not on the server.  

I changed the iis settings to use Integrated Windows.  When I run my app, it says I can't connect to the db
for user "mydoman\the computer name the webservice is running on".  How do I get the webservice to use the username of the person using the app?
0
Comment
Question by:jackjohnson44
  • 2
3 Comments
 
LVL 33

Expert Comment

by:raterus
Comment Utility
Turn back on Integrated Windows Authentication, this is what you need to use.  

Is your DB on a different computer than your webserver?  If that is the case, you need to enable Delegation on your webserver.  This is the "ok" in active directory for the webserver to pass along the credentials of your user to another server.

http://support.microsoft.com/default.aspx?scid=kb;en-us;810572
0
 

Author Comment

by:jackjohnson44
Comment Utility
My db is on a different server.  I have active directory and tried the suggestion in the link that mentioned but it looks like the webservice is trying to use it's computer name as the username in sql server.  Do you have any more advice?
0
 
LVL 33

Accepted Solution

by:
raterus earned 500 total points
Comment Utility
First off, this isn't a simple set a few settings and it'll magically work.  There is a very detailed setup here, and you really need to understand how it all fits together to be able to get this to work.

If you checked the "Allow Delegation" tab in active directory users and computers, then your next step is to restart your webserver.  This is an unwritten gotcha about this setting.

Does your webserver/service use a fully-qualified domain name, e.g "myserver.mydomain.com", if that's the case then you need to add SPNs to active directory.

You also need <identity impersonate="true" /> in web.config

You must ONLY have integrated windows impersonate in IIS checked, no anonymous

Those are a few more things in this, so let me know what you find.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now