Solved

how do I use the windows user in a webservice?

Posted on 2008-06-23
3
174 Views
Last Modified: 2010-04-15
I have a project with a webserice.  I was using a hardcoded username in my connection string.  My tables in my db have a createdby and modified by field.  I don't pass them in, since the default value is (suser_sname()).  Basically it would fill in the username for me.  It worked on my dev machine, but not on the server.  

I changed the iis settings to use Integrated Windows.  When I run my app, it says I can't connect to the db
for user "mydoman\the computer name the webservice is running on".  How do I get the webservice to use the username of the person using the app?
0
Comment
Question by:jackjohnson44
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 33

Expert Comment

by:raterus
ID: 21847622
Turn back on Integrated Windows Authentication, this is what you need to use.  

Is your DB on a different computer than your webserver?  If that is the case, you need to enable Delegation on your webserver.  This is the "ok" in active directory for the webserver to pass along the credentials of your user to another server.

http://support.microsoft.com/default.aspx?scid=kb;en-us;810572
0
 

Author Comment

by:jackjohnson44
ID: 21856825
My db is on a different server.  I have active directory and tried the suggestion in the link that mentioned but it looks like the webservice is trying to use it's computer name as the username in sql server.  Do you have any more advice?
0
 
LVL 33

Accepted Solution

by:
raterus earned 500 total points
ID: 21856965
First off, this isn't a simple set a few settings and it'll magically work.  There is a very detailed setup here, and you really need to understand how it all fits together to be able to get this to work.

If you checked the "Allow Delegation" tab in active directory users and computers, then your next step is to restart your webserver.  This is an unwritten gotcha about this setting.

Does your webserver/service use a fully-qualified domain name, e.g "myserver.mydomain.com", if that's the case then you need to add SPNs to active directory.

You also need <identity impersonate="true" /> in web.config

You must ONLY have integrated windows impersonate in IIS checked, no anonymous

Those are a few more things in this, so let me know what you find.
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question