I am always doing the following Login module:
- Create a table with Username and Password
- Login by checking the user table.
So how do I use integrated Login just like the application like Sql Server? I don't mean by passing a connection string, I mean it will check the credential of my application without putting any username and password.
I don't mean the SQL Server integrated Login, I mean my application's integrated login, is it possible?
For example, my application will read the AD's name and compare to the current username, then I don't need the user to type in a password for my application.
I am not sure how do I do that and where to start, since if I search Integrated Login, 99.9% of the results from Google will give me the connection string, which I am not looking for that.
Subversion - how do I control user access for single repository when SVNParentPath is used?
Understanding .NET's “SecurityAction” parameter for permissions
How do I grant limited access to sysprocesses in SQL Server 2005?
Are you using active directory windows authentication? If this is the case you can use the integrated security option in the connection string..
How does .NET security really work?
Here's an example connection string using integrated security:.
What are the most common, typical things to AVOID coding into my ASP.NET app in order for it to run under Medium Trust on a shared host?
This would reduce the complexity allowing you to forget about having to ask the user for a username and password because it'll pick up the windows credentials that they've logged into the workstation with..
"Data Source=MyServer;Initial Catalog=db name;Integrated Security=True"
Windows process structure: How to store user information?
Web authentication state - Session vs Cookie vs?
If the application is a website then you'll need to set the SQL server as "trusted for delegation" in active directory (see http://msdn.microsoft.com/en-us/library/aa905162(SQL.80).aspx).
iPhone client certificate
This will allow the webserver to delegate the user's windows login credentials to the SQL server.
If you don't do this then the SQL connection will be anonymous..
- Environment.UserName in conjunction with Environment.UserDomainName will give you enough information;
- Alternatively (and more secure) you have use the following code snippet:.
AppDomain.CurrentDomain.SetPrincipalPolicy( System.Security.Principal.PrincipalPolicy.WindowsPrincipal); var identity = Thread.CurrentPrincipal.Identity;
identityyou can extract Security Identifier which is designed to be globally unique.
(But not that pretty as domain\username pair.). After getting current user's name you can apply whatever authorization rules you want..