ASP.NET prox way of Querying database

Hi Experts,

    I am trying to achieve following - in an ASP.NET (2010) web application ( IWA  enabled) on Win 2k8 R2 ENT  server

     A normal user access the site .
      On click of a button ,The site should access a Sql Server(2008 R2)  database behind  . The user has no privilege  to access DB .  The DBA  has given a predefined user ( not a person)  , say DBAccessUser  for accessing the Database

 Is there a way of accessing the database as DBAccessUser , but without mentioning a connectionstring  (  an  ApplicationPool user  or something of that kind)
Sam OZAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ryan ChongBusiness Systems Analyst , ex-Senior Application EngineerCommented:
just like a normal ASP.NET application with backend database ... connectionstring configuration need to know the database username and password for authentication, so the username DBAccessUser need to be provided in the ConnectionString.

you don't need to have too much worry about the ApplicationPool in IIS.
How do you access a database without a connection string? You still need a connection string. The connection string used with Windows authentication must include either the Trusted_Connection=Yes attribute, or the equivalent attribute Integrated Security=SSPI, as shown here:
  <add name="MyDbConn1" 
  <add name="MyDbConn2" 
      connectionString="Initial Catalog=MyDb;Data Source=MyServer;Integrated Security=SSPI;"/>

Open in new window

Next, you configure your web application to impersonate a said windows account. Do this in the web.config by using:
    <identity impersonate="true" userName="DOMAIN\UserName" password="Password" />

Open in new window

More info here:
@Sam... It is an impossible requirement. Once we cross that bridge, we can move on :) Why don't you want a connection string?

My guess was you want to use Windows Authentication (assuming DBAccessUser is a windows account)? In which case I propose impersonation, but you still need to put authentication details into the web.config. If using SQL Mixed Mode authentication and DBAccessUser is actually a SQL Server account, then you will still need to put the database connection details into a connection string with the SQL user and password.
Sam OZAuthor Commented:
Hi  MlandaT ,

    I think your answer is almost the answer.   All I needed was not keeping the connection string with username and password .   But in impersonating, you are mentioning password also  (Is there a way of making use of the application pool user to fetch query database . Then I don't have to mention the password )
Yes. You can do that. Just set:
    <identity impersonate="true" />

Open in new window

Then all database connections will use the identity IIS provided for the request. This of course will bee your ApplicationPoolIdentity. But you still need a database connection string with "Integrated Security" or "Trusted Connection"

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.