Reputation: 29159
Blazor hosting in IIS use system account to connect SQL Server? How to impersonate?
I published a Blazor (Server side) application with Windows Authentication to IIS. I disabled "Anonymous Authentication" and enabled "Windows Authentication".
The application can display the login information ("Hello, Domain\Username!") correctly. The application connects to SQL Server using Windows integrate mode.
"ConnectionStrings": {
"MyDatabase": "Server=DBServer;Database=DB1;Trusted_Connection=True"
}
However, it uses the system account (which is used to run IIS?) to connect the SQL Server.
Login failed for user 'Domain\IISMachineName$'.
I tried to enable "ASP.NET Impersonation" for the IIS site and it gets the 500.24 error.
HTTP Error 500.24 - Internal Server Error
An ASP.NET setting has been detected that does not apply in Integrated managed pipeline mode.
Most likely causes:
• system.web/identity@impersonate is set to true.
Upvotes: 1
Views: 2249
Answers (2)
Reputation: 31
You can create a new user on your SQL Server database, and apply all the permisions to write and read data from your database.
You'll need to enable SQL Server Authentication.
You'll need to click on properties
Security --> SQL Server and Windows Authentication
Once you've made all of this step by step, you'll need to create a new user.
- Security
- Logins
- Click with the right button of your mouse then click on New Login.
Now, you can create your login using SQL Server Authentication.
Add this to your connection string:
"ConnectionStrings": {
"DefaultConnection": "Server=localhost\\SQLEXPRESS;Database=Your Database;User Id=Your User;Password=Your Password;"
}
I hope that it helps!
Upvotes: 0
Reputation: 2320
It depends on your hosting and the location of your SQL server, as you say you host in IIS it takes the application pool like any other webservice hosted in IIS.
If SQL Server is on the same server then you can assign the application pool. You can add the application pool to your SQL Database as a Login and user.
CREATE LOGIN [IIS APPPOOL\MyBlazorAppPool] FROM WINDOWS;
CREATE USER MyBlazorAppPool FOR LOGIN [IIS APPPOOL\MyBlazorAppPool];
On a different machine you can simply create the machine hosting your blazor app as a user.
CREATE LOGIN [computername$] FROM WINDOWS;
Upvotes: 2
Related Questions
- Blazor Server with Microsoft Identity in IIS with virtual application
- How to use own User table to log in to Blazor App
- Using username and password from an existing database table to authenticate in Blazor?
- Using Server side Blazor, how do you impersonate a user using windows authentication when connecting to a SQL Server database?
- How can I use regular asp.net identity with a Blazor App?
- Impersonation not working - Asp.Net core 3.1 application with Windows Authentication hosting in IIS
- How to enable Windows authentication with server side Blazor
- How do I perform a custom login/authentication - Blazor Server
- Configure IIS to impersonate a user for SQL Integrated Authentication
- Impersonating a User in Asp.Net