In ASP.NET, we have an application that prompts users for their AD credentials using Basic Authentication and ASP.NET Impersonation.

The application then connects to SQL Server with the following connection string:

<!-- language: lang-cs -->

    using System.Data.SqlClient;

    SqlConnection cnn = new SqlConnection();
    // Trusted_Connection=Yes selects Windows integrated authentication;
    // Pooling is disabled so every Open() performs a fresh login.
    cnn.ConnectionString =
      "Server=" + MenuServer + ";" +
      "Database= " + MenuDatabase + ";" +
      "Trusted_Connection=Yes;" +
      "Pooling = False;";
    cnn.Open();

99% of the time, this passes along the user context just fine, but sporadically we get the following error from SQL Server:

Login failed for user 'WebServerName$'. Reason: Could not find a login matching the name provided

Meaning that it has been unable to pass along the user credentials and instead defaulted to the IIS worker process. Interestingly, when we catch the error, the current user will still be accurately recorded with the following code:

<!-- language: lang-cs -->

    string userName = Environment.UserName;

Questions:

  • What user context does the Integrated Security pass along to the database?
  • Is it possible to programmatically check the user before calling cnn.Open() to confirm we have a real user?
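
An added example, not part of the original question, of the kind of pre-check the second bullet asks about: it inspects the thread's impersonation token and refuses to open the connection when the login would be made as the process or machine account. `ImpersonationGuard` and its method names are hypothetical, and classic ASP.NET on .NET Framework with `System.Data.SqlClient` is assumed.

```csharp
using System;
using System.Data.SqlClient;
using System.Security.Principal;

// Hypothetical helper (not from the question): fail closed instead of
// letting Trusted_Connection fall back to the worker-process identity.
static class ImpersonationGuard
{
    public static WindowsIdentity RequireImpersonatedUser()
    {
        // GetCurrent(true) returns null when the thread carries no
        // impersonation token, i.e. the process identity would be used.
        WindowsIdentity id = WindowsIdentity.GetCurrent(true);
        if (id == null)
            throw new InvalidOperationException("Thread is not impersonating.");

        bool usableLevel =
            id.ImpersonationLevel == TokenImpersonationLevel.Impersonation ||
            id.ImpersonationLevel == TokenImpersonationLevel.Delegation;

        // Machine accounts end in '$' (as in the 'WebServerName$' error).
        bool machineAccount = id.Name.EndsWith("$", StringComparison.Ordinal);

        if (!id.IsAuthenticated || id.IsAnonymous || id.IsSystem ||
            !usableLevel || machineAccount)
        {
            string detail = id.Name + " (" + id.ImpersonationLevel + ")";
            id.Dispose();
            throw new InvalidOperationException("Unexpected caller: " + detail);
        }
        return id;
    }

    // The check and Open() run back to back on the same thread, so the
    // token that was inspected is the one used for the login.
    public static SqlConnection OpenAsCaller(string server, string database)
    {
        using (RequireImpersonatedUser())
        {
            // The builder escapes values rather than concatenating strings.
            var csb = new SqlConnectionStringBuilder {
                DataSource = server, InitialCatalog = database,
                IntegratedSecurity = true, Pooling = false };
            var cnn = new SqlConnection(csb.ConnectionString);
            try { cnn.Open(); return cnn; }
            catch { cnn.Dispose(); throw; }
        }
    }
}
```

A passing check only describes the thread token at the moment of the call; SQL Server can still reject the login, so the exception from `Open()` should be logged together with the identity name and impersonation level.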