1

Not entirely sure how to phrase this, so I'll just give as much information as possible.

I've got an asp.net application that uses SELECT on a database table. The connection string is something to the tune of:

"Data Source=Data\Source;Initial Catalog=DataStore; Integrated Security=True"

This works when I use the application locally. Query is executed, information is retrieved, everything's gravy.

The problem is when I try to publish my website using iis. After I publish it, I get the following error when I try to execute the query:

The SELECT permission was denied on the object 'object', database 'DataStore', schema 'dbo'.

I'm kind of stumped here and I'm not that familiar with IIS or security. Any help is appreciated, and I'll try to answer any questions you might have as quickly as possible.

GGMG-he-him
  • 394
  • 1
  • 7
  • 26
  • Is IIS and DB Server on same server? – Jumpei Apr 28 '14 at 02:23
  • Easy solution is to create a SQL account and change your connection string to use it. – Rick S Apr 28 '14 at 02:24
  • @Rick S, That's not going to work for security reasons. Just giving the website a clean username and password would cause difficulties. – GGMG-he-him Apr 28 '14 at 03:05
  • [This MSDN document](http://msdn.microsoft.com/en-us/library/ht43wsex(v=vs.100).aspx) should be a good resource for your options. This should clarify what Rick suggested (unsure what your comment meant about "giving the website a clean username and pwd..." – EdSF Apr 28 '14 at 03:22
  • possible duplicate of [asp.net via kerberos integrated windows authentication to sql server](http://stackoverflow.com/questions/1235829/asp-net-via-kerberos-integrated-windows-authentication-to-sql-server) – Lex Li Apr 28 '14 at 06:09

1 Answers1

1

You have the classic double-hop problem, you can read about it many places, like here and read how to do it right here, or go the easy route and put sql authentication user name and passwords in clear text in your config file.

SqlACID
  • 4,024
  • 20
  • 28