DotNetNewsgroup.com  
web access to complete list of Microsoft.NET newsgroups
   home   |   control panel login   |   archive  |  
 
  carried group
academic
adonet
aspnet
aspnet.announcements
aspnet.buildingcontrols
aspnet.caching
aspnet.datagridcontrol
aspnet.mobile
aspnet.security
aspnet.webcontrols
aspnet.webservices
assignment_manager
datatools
dotnet.distributed_apps
dotnet.general
dotnet.myservices
dotnet.nternationalization
dotnet.scripting
dotnet.security
dotnet.vjsharp
dotnet.vsa
dotnet.xml
dotnetfaqs
framework
framework.clr
framework.compactframework
framework.component_services
framework.controls
framework.databinding
framework.drawing
framework.enhancements
framework.interop
framework.odbcnet
framework.performance
framework.remoting
framework.sdk
framework.setup
framework.webservices
framework.windowsforms
framework.wmi
frwk.windowsforms.designtime
lang.csharp
lang.jscript
lang.vb
lang.vb.controls
lang.vb.data
lang.vb.upgrade
lang.vc
lang.vc.libraries
  
 
start date: Thu, 5 Jul 2007 13:56:11 -0400,    posted on: microsoft.public.dotnet.framework.aspnet.security        back       

Thread Index
  1    JT
          2    Dominick Baier
          3    Dominick Baier
          4    Norman Yuan
          5    Norman Yuan


ASP.NET SQL Server logon permission denied    
I have created a simple ASP.NET application on the intranet, accessible only 
to 2 users who will log in as Administrator; the server runs Windows 2000 
Advanced Server.  Page language is C#.  The application accesses a database 
that runs on SQL Server 2005 Express Edition, on the same machine where the 
application is hosted.  The database is used widely in our office from 
Windows Forms applications, and in the ASP.NET application, I used the same 
connection string I use for Windows Forms applications.  Everything works 
fine when debugging the new ASP.NET application in Visual Studio because VS 
automatically logs in as Administrator.  However, when I run the application 
from a browser - locally or across the intranet, it denies access to the 
database with the following message:

[SqlException (0x80131904): Cannot open database "Records" requested by the 
login. The login failed.  Login failed for user 'MACHINENAME\ASPNET'.]

So I disabled Anonymous Access in ISM, and enabled Integrated Windows 
Authentication so that I would be automatically logged in as Administrator. 
I also revised the Web.Config file for this application to deny access to 
all but Administrators.  In the Form.Load section of the page, I put the 
following code to display the username so I can be sure:

        string userstring = User.Identity.Name.ToString();
        Response.Write(userstring);

When the page loads, it shows the Administrator name at the top, so that's 
working correctly.  However, I still get the same error message - it denies 
access to the database for user MACHINENAME\ASPNET, even though I'm logged 
into the application as Administrator.

Any ideas would be most appreciated.  Thanks.
Date:Thu, 5 Jul 2007 13:56:11 -0400   Author:  

Re: ASP.NET SQL Server logon permission denied    
if the database is on the same machine as the web app - you may wanna add

<identity impersonate="true" />

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)


> I have created a simple ASP.NET application on the intranet,
> accessible only to 2 users who will log in as Administrator; the
> server runs Windows 2000 Advanced Server.  Page language is C#.  The
> application accesses a database that runs on SQL Server 2005 Express
> Edition, on the same machine where the application is hosted.  The
> database is used widely in our office from Windows Forms applications,
> and in the ASP.NET application, I used the same connection string I
> use for Windows Forms applications.  Everything works fine when
> debugging the new ASP.NET application in Visual Studio because VS
> automatically logs in as Administrator.  However, when I run the
> application from a browser - locally or across the intranet, it denies
> access to the database with the following message:
> 
> [SqlException (0x80131904): Cannot open database "Records" requested
> by the login. The login failed.  Login failed for user
> 'MACHINENAME\ASPNET'.]
> 
> So I disabled Anonymous Access in ISM, and enabled Integrated Windows
> Authentication so that I would be automatically logged in as
> Administrator. I also revised the Web.Config file for this application
> to deny access to all but Administrators.  In the Form.Load section of
> the page, I put the following code to display the username so I can be
> sure:
> 
> string userstring = User.Identity.Name.ToString();
> Response.Write(userstring);
> When the page loads, it shows the Administrator name at the top, so
> that's working correctly.  However, I still get the same error message
> - it denies access to the database for user MACHINENAME\ASPNET, even
> though I'm logged into the application as Administrator.
> 
> Any ideas would be most appreciated.  Thanks.
>
Date:Thu, 5 Jul 2007 19:55:26 +0000 (UTC)   Author:  

Re: ASP.NET SQL Server logon permission denied    
if the database is on the same machine as the web app - you may wanna add

<identity impersonate="true" />

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)


> I have created a simple ASP.NET application on the intranet,
> accessible only to 2 users who will log in as Administrator; the
> server runs Windows 2000 Advanced Server.  Page language is C#.  The
> application accesses a database that runs on SQL Server 2005 Express
> Edition, on the same machine where the application is hosted.  The
> database is used widely in our office from Windows Forms applications,
> and in the ASP.NET application, I used the same connection string I
> use for Windows Forms applications.  Everything works fine when
> debugging the new ASP.NET application in Visual Studio because VS
> automatically logs in as Administrator.  However, when I run the
> application from a browser - locally or across the intranet, it denies
> access to the database with the following message:
> 
> [SqlException (0x80131904): Cannot open database "Records" requested
> by the login. The login failed.  Login failed for user
> 'MACHINENAME\ASPNET'.]
> 
> So I disabled Anonymous Access in ISM, and enabled Integrated Windows
> Authentication so that I would be automatically logged in as
> Administrator. I also revised the Web.Config file for this application
> to deny access to all but Administrators.  In the Form.Load section of
> the page, I put the following code to display the username so I can be
> sure:
> 
> string userstring = User.Identity.Name.ToString();
> Response.Write(userstring);
> When the page loads, it shows the Administrator name at the top, so
> that's working correctly.  However, I still get the same error message
> - it denies access to the database for user MACHINENAME\ASPNET, even
> though I'm logged into the application as Administrator.
> 
> Any ideas would be most appreciated.  Thanks.
>
Date:Thu, 5 Jul 2007 19:55:26 +0000 (UTC)   Author:  

Re: ASP.NET SQL Server logon permission denied    
Only using Windows Authentication in IIS does not make the ASP.NET app run 
under current user's windows/domain account. Authentication, well, is 
Authentication, it is just way to determine who the user is.

In your case, you have to make sure the ASP.NET app is run under a user 
account that have acess to the said SQL Server. Since you want use the user 
account who access the the ASP.NET app from client computer, you need:

1. Make sure IIS use Windows Authentication (you have done that);
2. Make sure in the ASP.NET app's web.config file <authentication 
mode="Windows" />;
3. you need to enable "impersonate": make sure the web.config file has this 
in it: <identification impersonate="true" />

now, the ASP.NET app will run under the user account that a user log onto 
his computer. As long as that user account has access to the said SQL Server 
database, the ASP.NET app will has the same access.


"JT"  wrote in message 
news:GIydneryav9GrRDbnZ2dnUVZ_oGlnZ2d@giganews.com...

>I have created a simple ASP.NET application on the intranet, accessible 
>only to 2 users who will log in as Administrator; the server runs Windows 
>2000 Advanced Server.  Page language is C#.  The application accesses a 
>database that runs on SQL Server 2005 Express Edition, on the same machine 
>where the application is hosted.  The database is used widely in our office 
>from Windows Forms applications, and in the ASP.NET application, I used the 
>same connection string I use for Windows Forms applications.  Everything 
>works fine when debugging the new ASP.NET application in Visual Studio 
>because VS automatically logs in as Administrator.  However, when I run the 
>application from a browser - locally or across the intranet, it denies 
>access to the database with the following message:
>
> [SqlException (0x80131904): Cannot open database "Records" requested by 
> the login. The login failed.  Login failed for user 'MACHINENAME\ASPNET'.]
>
> So I disabled Anonymous Access in ISM, and enabled Integrated Windows 
> Authentication so that I would be automatically logged in as 
> Administrator. I also revised the Web.Config file for this application to 
> deny access to all but Administrators.  In the Form.Load section of the 
> page, I put the following code to display the username so I can be sure:
>
>        string userstring = User.Identity.Name.ToString();
>        Response.Write(userstring);
>
> When the page loads, it shows the Administrator name at the top, so that's 
> working correctly.  However, I still get the same error message - it 
> denies access to the database for user MACHINENAME\ASPNET, even though I'm 
> logged into the application as Administrator.
>
> Any ideas would be most appreciated.  Thanks.
>
>
>
Date:Thu, 5 Jul 2007 13:00:25 -0700   Author:  

Re: ASP.NET SQL Server logon permission denied    
Only using Windows Authentication in IIS does not make the ASP.NET app run 
under current user's windows/domain account. Authentication, well, is 
Authentication, it is just way to determine who the user is.

In your case, you have to make sure the ASP.NET app is run under a user 
account that have acess to the said SQL Server. Since you want use the user 
account who access the the ASP.NET app from client computer, you need:

1. Make sure IIS use Windows Authentication (you have done that);
2. Make sure in the ASP.NET app's web.config file <authentication 
mode="Windows" />;
3. you need to enable "impersonate": make sure the web.config file has this 
in it: <identification impersonate="true" />

now, the ASP.NET app will run under the user account that a user log onto 
his computer. As long as that user account has access to the said SQL Server 
database, the ASP.NET app will has the same access.


"JT"  wrote in message 
news:GIydneryav9GrRDbnZ2dnUVZ_oGlnZ2d@giganews.com...

>I have created a simple ASP.NET application on the intranet, accessible 
>only to 2 users who will log in as Administrator; the server runs Windows 
>2000 Advanced Server.  Page language is C#.  The application accesses a 
>database that runs on SQL Server 2005 Express Edition, on the same machine 
>where the application is hosted.  The database is used widely in our office 
>from Windows Forms applications, and in the ASP.NET application, I used the 
>same connection string I use for Windows Forms applications.  Everything 
>works fine when debugging the new ASP.NET application in Visual Studio 
>because VS automatically logs in as Administrator.  However, when I run the 
>application from a browser - locally or across the intranet, it denies 
>access to the database with the following message:
>
> [SqlException (0x80131904): Cannot open database "Records" requested by 
> the login. The login failed.  Login failed for user 'MACHINENAME\ASPNET'.]
>
> So I disabled Anonymous Access in ISM, and enabled Integrated Windows 
> Authentication so that I would be automatically logged in as 
> Administrator. I also revised the Web.Config file for this application to 
> deny access to all but Administrators.  In the Form.Load section of the 
> page, I put the following code to display the username so I can be sure:
>
>        string userstring = User.Identity.Name.ToString();
>        Response.Write(userstring);
>
> When the page loads, it shows the Administrator name at the top, so that's 
> working correctly.  However, I still get the same error message - it 
> denies access to the database for user MACHINENAME\ASPNET, even though I'm 
> logged into the application as Administrator.
>
> Any ideas would be most appreciated.  Thanks.
>
>
>
Date:Thu, 5 Jul 2007 13:00:25 -0700   Author:  

Google
 
Web dotnetnewsgroup.com


COPYRIGHT ?2005, EUROFRONT WORLDWIDE LTD., ALL RIGHT RESERVE  |   Contact us