Skip to main content
O
OwenWest
Participant
May 8, 2008
Answered

SQL Server 2005 Windows Authentication

  • May 8, 2008
  • 5 replies
  • 1938 views
Hi all,

I have a situation whereby I want to authenticate an application user to the SQL Server 2005 database through my ColdFusion 8.0.1 application. I have the following config:

SQL server Authentication Mode: Mixed
ColdFusion Service Account: DOMAIN\ColdFusion
DOMAIN\ColdFusion windows account has access to SQL Server and the database ("public" database role - low privs)
DSN configured in CF using no user name/pwd - uses Windows Authentication - works fine, connection is OK
IIS 6 (Windows 2003 R2) configured to use Integrated Security

What I want to do is to have the CF application and IIS essentially "pass through" the remote user's domain login (eg. DOMAIN\JBloggs) and have the application run all SQL queries using this user's credentials, not the credentials of the CF domain account. I want to authenticate based on the remote domain user, not the user running the ColdFusion server. Is this possible? I can see the remote user's domain user id in the CGI.REMOTE_AUTH (or REMOTE_USER or whatever it is) CGI variable, but how can I get IIS and CF to pass this value throgh to SQL Server 2005 for use qith queries?

Any assistance much appreciated.
This topic has been closed for replies.
Correct answer OwenWest
Ken,

That is what I thought. I have also looked through various blogs, forums, web sites and so on devoted to Flex/ColdFusion and I suspect that the best option will be to use the Flex setRemoteCredentials() function and the ColdFusion cflogin/cfloginuser functionality in some manner. I will work on this (unless you have any better options).

Thanks for the info.

5 replies

W
wltiii
Known Participant
May 13, 2008
How timely. I need to do this as well. Certainly, if there is some way to pass the remote user's credentials, it'd be fantastic.
O
OwenWestAuthorCorrect answer
Participant
May 12, 2008
Ken,

That is what I thought. I have also looked through various blogs, forums, web sites and so on devoted to Flex/ColdFusion and I suspect that the best option will be to use the Flex setRemoteCredentials() function and the ColdFusion cflogin/cfloginuser functionality in some manner. I will work on this (unless you have any better options).

Thanks for the info.
A
Anonymous
May 9, 2008
Not exactly correct. You can use windows authentication with the DataDirect jdbc drivers supplied or with Microsoft's 2005 driver. However, the authenticated user will be that of the CF appserver login. You cannot pass any other user credentials.
N
Newsgroup_User
Inspiring
May 8, 2008
johnab wrote:
> you can't do it I'm afraid - CF only supports SQL authentication, not windows based authenticatio. Unless you plan on using BlueDragon.Net.

the jTDS sql server driver handles windows authentication & it's pretty fast to
boot. so will cf but not in this scenario (ie run the cf server service under a
windows account w/sql server access instead of "system").
J
johnab
Participating Frequently
May 8, 2008
you can't do it I'm afraid - CF only supports SQL authentication, not windows based authenticatio. Unless you plan on using BlueDragon.Net.
Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices