最佳解答者
ASP.NET OS authentication Logon Oracle

問題
-
I had develope a web service wanted to uses the OS authentication to logon Oracle.
From developemnt machine (XP) is workfine and once setup in win2003/IIS6,
it always get Logon Denied (invalid username/password) get back from Oracle
however, when I using the command line sqlplus /@SID, it could be success login to Oracle in server with the same account.
Is there any .NET configuration need to be done?
The story is:
A-Server-ASP.NET Web Application using impersonate to connect
B-Server-VB.NET-WebService, connectionstring="integrated security=yes;Data Source=dbSID;User Id=/;" logon on to
C-Server-Oracle, already using NTS be auth, can be logon to sqlplus /@dbSID in command prompt and even TOAD ...
We use AD to be the account management ...
Please help ... I would like to reclaim that it is workfine in XP developement machine, but when it setup in W2K3 ...
2008年10月9日 上午 11:53
解答
-
Please have a look on the following link about Oracle integrating with ASP.NET
Oracle Access Manager supports the ASP.NET component of the Microsoft .NET Framework, which developers can use to build, deploy, and run Web applications and distributed applications..........
http://download.oracle.com/docs/cd/B28196_01/idmanage.1014/b25347/aspdotnet.htm
2009年1月12日 上午 06:14
所有回覆
-
Due to different IIS worker process handling method, you will result in the following situation in your scenarios:
1. For A-Server, you will result in using the "ASPNET" local account to access the Oracle database.
2. For B-Server, you will result in using the client's login account (i.e. AD account) to access the Oracle databse.
In other to make scenario (1) works, you have to add to your web.config inside the <system.web></system.web> section:
<identity impersonate="true" />
Hope it can help.
2008年10月15日 上午 09:10 -
Thanks all for interest,
About the connection string, I uses the "User Id=/;" to indicate the impersonate for account and it work fine if doing in application in other project.
For both A and B server web service, impersonate="true" are both added.
A server noted as impersonate=true and specific domain user can identify in B server web service (web user identity)
I think the critical point is: A Server authorize the domain user logon and connect to B server, assume to useing the authorized privilege by A, to access C, the Oracle database through B, just like a pass through of authentication.
I'm now getting for a work around that hard code another granted domain user account as
<identity impersonate=true username=domainuser password=password/> in web.config to made it work first ....
It is not really a solution since the connectivity is broken into two pieces:
From A to B, then B to C ...
Any one get idea?2008年10月15日 下午 02:05 -
Please have a look on the following link about Oracle integrating with ASP.NET
Oracle Access Manager supports the ASP.NET component of the Microsoft .NET Framework, which developers can use to build, deploy, and run Web applications and distributed applications..........
http://download.oracle.com/docs/cd/B28196_01/idmanage.1014/b25347/aspdotnet.htm
2009年1月12日 上午 06:14