0

I have one machine running IIS10, another machine running SQL Server Express. I have create an ASP.NET Razor pages web application. All machines are Windows 10 pro.

I cannot for the life of me figure out how to take the credentials from the web app, pass to IIS, and pass to SQL Server. I want to manager access to SQL Server at the user level, not the IIS DefaultAppPool identity.

Has anyone done this before?

Improve this question
4
  • So you want to have a separate SQL Server user for every user of your web application? This sounds like a nightmare to maintain. What are you hoping to accomplish by doing this? Commented May 31, 2018 at 18:25
  • I think the technique you are looking for is called impersonation. If IIS and SQL Server are running on seperate machines then you may also need to configure Kerberos. Commented May 31, 2018 at 18:44
  • Did you try impersonation? Commented May 31, 2018 at 19:35
  • 1
    Approaches like that are no longer common practice to use database (consider the cloud computing scenarios). Though if you insist, check out ASP.NET user impersonation. Commented May 31, 2018 at 19:35

1 Answer 1

Reset to default
1

Are you trying to pass the user's network login to the database instead of using a dedicated DB account? I think you need a trusted connection.

  1. Grant your users access to your DB
  2. Disable anonymous access in IIS and set the site up SSL
  3. In your connection string set the Trusted_Connection property to true

Connection Strings

If the user is on any browser except IE, they'll probably be prompted for their credentials.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.