views:

63

answers:

2

in my asp.net MVC project

i have an database connection with connectionstring: Data Source=.;Initial Catalog=dbname;Integrated Security=True

All users can execute Stored Procedures on that connection and i want to log those users.

so after each execution I store "User.Identity.Name" to another database. This work great on my development machine but after deployment, to access the site i have to go through a VPN-connention and then remote desktop to the same server that the IIS is running on and use a web-browser there. Then i get User.Identity.Name: "NT AUTHORITY\NETWORK SERVICE". i would expect it to be the credentials i entered in remote desktop that have access to the database.

any idea how i can get this to work?

iis6 authentication: "windows authentication: enabled" web.config:

+3  A: 

You have to use impersonation. Otherwise, the application pool identity is used. Basically, it's done with this web.config entry

<identity impersonate="true" />

Here you have the complete reference.

ASP.NET Impersonation

Claudio Redi
+1  A: 

You need to set Impersonation to true, otherwise the web site runs under the credentials used for the AppPool. The reason that it works in Cassini is that Cassini is running under your own credentials while you are debugging.

tvanfosson