views:

10

answers:

0

I'm dealing with a problem trying to use Windows authentication with IIS 7 in Windows Server 2008. Also i'm using WCF.

I have a client application and the server application. The server application manage the user accounts using Active Directory. Everything starts when the client sends its user and password to the server application, which is hosted in the IIS(7), and this application must use the same credentials to authenticate the user in the Active Directory.

Also after the user is logged in the application, every request sent to the database must use Windows Integrated Security.

I already installed Windows Authentication in the IIS 7, and also I enabled it, (and disabled Anonymous Authentication), also I added authentication mode="Windows" in the server app Web.config.

I would like to know: - How can I know which user is running the server application (In other words, which user is doing requests to the database). I forgot to say I can't use the SQL Server Profiler cause I don't have permissions. - If I'm missing something, cause I don't want to have security problems in the application.

By the way this website says something about this topic but using another IIS version. http://imar.spaanjaars.com/287/how-do-i-determine-the-security-account-that-iis-uses-to-run-my-web-site