Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Running a published aspnet core app with windows auth and Trusted_Connection connectionString

See original GitHub issue

Hi there, What is the best practice for configuring an enterprise asp.net core app which uses windows active directory auth - specifically in relation to DB connectionStrings? What I was hoping for is to use Trusted_Connection (e.g. Server=XXX;Database=YYY;Trusted_Connection=true;) and to configure IIS / dotnet to run the core app using windows user impersonation (or whatever it’s called) so that the core app would issue DB queries using the credentials of the user who is browsing the web app.

The core process appears to inherit the user credentials of the IIS website user (as configured in IISM > app pool & site) - which in fairness is in keeping with how IIS apps used to run. So Trusted_Connection doesn’t work for application user (pass through auth) so I either have to make the IIS site run as a specific windows user or use sql user auth in the connection string (e.g. Server=XXX;Database=YYY;User ID=myUsername;Password=myPassword;)

Is there a way to do Trusted_Connection as the user browsing the website?

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:46 (12 by maintainers)

github_iconTop GitHub Comments

5reactions
ilanccommented, Jan 16, 2017

@DickvdBrink I updated the demo app here: https://github.com/ilanc/AspNetImpersonate

I’m missing the exact steps to enable double-hop/impersonation on the domain. If I hear back from IT I’ll post them here. I include a bunch of links in the readme at the above repo.

1reaction
salinaaaaaacommented, Jul 25, 2017

How about MSFT starts ditching MVC examples, and focuses on REST based ones w/ LDAP/WinADGroups/WinAuth + JWTs: Where front end is 100% decoupled from backend. I mean, its better design for scalability and security purposes. MVC is old and outdated - take heed that aint nobody got time fo’ dat! #Rx #Reactive #Ng #FullyDecoupledUI

Read more comments on GitHub >

github_iconTop Results From Across the Web

Configure Windows Authentication in ASP.NET Core
Create a new Razor Pages or MVC app. In the Additional information dialog, set the Authentication type to Windows. Run the app. The...
Read more >
Connection string using Windows Authentication
Replace the username and password with Integrated Security=SSPI;. So the connection string should be
Read more >
Connection Strings - EF Core
Managing connection strings under different environments with Entity Framework Core.
Read more >
Net Core Set Connection String with Windows ...
In this article I will explain with an example, how to set Connection String with Windows Authentication in AppSettings.json in .Net Core and ......
Read more >
How to Use Windows Authentication to Access SQL Server ...
This sample application demonstrates how to use Windows authentication for Web-based intranet applications to access a SQL Server database ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Could not load file or assembly "System.Interactive.Async"

Next page

Can't build ASP.NET Core project using net461 and x64