1

To cut a long story short: As part of an online database access system I'm writing I want to use the new BLOB access features in SQL 2008 - this means I have to use Windows Authentication when logging into the SQL Server; however due to it's very nature the website front end to all this uses Forms authentication with the membership data stored on that SQL server.

How do I get the web application to impersonate a user account so it can connect to the SQL server, i.e. I don't want to use the account of a user logged into the website. (Not that you could do this as the membership details are stored on the SQL server)

The webserver and the SQL server are on different machines on the same network, there is a user account set up just for the web application to use.

Improve this question

1 Answer 1

Reset to default
2

The connection string should look something like:

< add name="MyConnectionString" connectionString="Data Source=THESQLSERVER;Initial Catalog=TheDatabase;Persist Security Info=True; Integrated Security=True;Application Name=CRM.Sales" providerName=""/>

Where you use Integrated Security. Then your application pool should use an identity that has access to your sql server.

You would grant rights to that identity.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

My connection string is set up correctly; I don' have administration rights on our web server's IIS, is that where the application pool identity needs to be set?
Yes, it is. However, you don't need to change the account in IIS - just check which account is already being used, and give that account access rights to your SQL Server and databases.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.