Hello everyone.
The Problem:
need to do a search over 3 databases from a webapp and return the collected results. These db's have pretty tight security and the people who will call the webapp will not have access to all three.
I was told the security model I have to use is the trusted subsystem, i.e. the app takes windows authentication, it runs under an application pool that uses the identity of a custom service account that we have given read access to a limited subset of database views.
I have registered the service account on the server using aspnet_iisreg -ga ...
The web app is running under the default website. it's iis7. the app is written using the asp.net mvc framework.
The problem arises when I try to go to the site from my local machine typing http:///[/] then I get a windows login box followed by a 401.1 "Unauthorized: Access is denied due to invalid credentials" error.
From within the server using the same path I can see the page with the data.
If I allow anonymous access in the Directory Security section of the web app properties, I can go to the page (just no data)
If I change the Application Pool Identity to Predefined: Network service, I can also go to the page (still no data).
it is just when I use the service account I get the login box.
Any advice?
Thanks
Paul