IIS with a web application using impersonated Windows authentication

Question

IIS with a web application using impersonated Windows authentication

I do not use this, but an interesting question. If I installed a web application in IIS to use Windows authentication and impersonate an authenticated user, and use my ConnectionString for the SQLServer database Integrated Security=true;, will my application use an authenticated user when trying to connect to the database?

If so, is that good? (The database has the LDAP / AD Domain Users permissions. Consideration of a database that will be checked when each user logs your activity.)

+4

sql-server asp.net iis impersonation windows-authentication

jvitor83 Nov 01 '13 at 20:06

source share

4 answers

, E.K. , Kerberos. , , " ". , "Server-A", , "Server-A", , SQL Server "Server-B". , :

kerberos, . . , , . .

+3

Josh 01 . '13 20:40

, " " . . ASP.NET 2.0

+1

Sumit 08 . '13 10:36

Windows, .

, , , .

This means, however, that the audit logic must be added to the application data layer and stored procedures that access the database to ensure that the caller is registered as part of the database access, otherwise the service account will only be an account in audit table.

0

Mike beeler Nov 08 '13 at 2:11

source share

E.K. · Accepted Answer · 2013-11-01T20:15:50+0000

Yes, connections to SQL Server will be under these users.

In general, this is not good. But it depends on the situation. The following are the main factors to consider:

Each user will need their own connection. Connections from different users cannot be reused, even if pooling is used. Creating a connection is a relatively expensive operation. And for each connection, a little memory is required.
(, , Windows, ). .. , -. , , SQL Server

IIS with a web application using impersonated Windows authentication

More articles: