|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
.NET Server Authenticationthe most appropriate newsgroup to post to, so let me know if there’s somewhere else I should look. Forgive the length, but I wanted to weed out the more generic answers that are already published. ENVIRONMENT: SQL Server 2000 on Windows Server 2000. ..NET Web Server, IIS 6 on Windows Server 2003 Clients running Windows XP, IE 6.0 Authentication: Windows Active Directory PROBLEM: I’m building a .NET Intranet where users are authenticated via Integrated Windows Authentication. While the SQL Server is on a different physical machine from the Web Server, delegation and impersonation has been setup correctly. The problem is that I get an ‘occasional’ login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' from the SQL Server. The following is one set of steps that leads to this, but is not the only thing that causes it, this is just what I can reproduce regularly: 1. I open an .aspx page with a search form that searches the database. 2. I let the page sit, without using the computer, for a period of time (somewhere between 30 – 60 minutes, I can’t pin down the exact time). 3. I type something in the search box and submit. 4. Under any other circumstance, this would return a result from SQL Server, but in this case I get a login failed. NOTE: I have already ruled out a Session timeout on the web server as a cause by doing this with a timeout setting of a couple of minutes and again with the timeout set to a few hours. It’s still 30-60 minutes before this will happen. Now, here’s the really odd part. 5. The error page I get is a custom error page I built. Among the other information on this page is a link back to the Homepage. The Homepage also runs a database query at load time automatically. 6. If I click this link within a second or two, I get the “login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'†when it tries to run the query and I get sent back to the error page. Continuing to click on the Homepage link every second or two will generate this same result, until about the third click, 5-6 seconds, when all of a sudden, it will go to the Homepage and connect to SQL Server without a problem. And to make things a little bit stranger: 7. If I’m letting this page sit the 30-60 minutes to generate the error and am logged into another computer with the same Active Directory account, the error will not occur. Now, it seems like there is some point where my credentials are forgotten or timed out on the network, then it takes 5-6 seconds to reestablish credentials across the network, but I’m not sure of this. Please let me know if I didn’t make sense anywhere. Any thoughts would be greatly appreciated. 
Other interesting topics
Form Authentication and new browser instance
System.ExecutionEngineException for certificate object creation Role based security on local machine Web Services and Access Control sspi in c# I keep receiving a file/path access error. RSA Encrypt/Decrypt with OAEP. OAEP Decryption Error NCrypto Encryption & Decryption RE: ADAM, AzMan question |
|||||||||||||||||||||||
