Hi all,
I have a situation whereby I want to authenticate an
application user to the SQL Server 2005 database through my
ColdFusion 8.0.1 application. I have the following config:
SQL server Authentication Mode: Mixed
ColdFusion Service Account: DOMAIN\ColdFusion
DOMAIN\ColdFusion windows account has access to SQL Server
and the database ("public" database role - low privs)
DSN configured in CF using no user name/pwd - uses Windows
Authentication - works fine, connection is OK
IIS 6 (Windows 2003 R2) configured to use Integrated Security
What I want to do is to have the CF application and IIS
essentially "pass through" the remote user's domain login (eg.
DOMAIN\JBloggs) and have the application run all SQL queries using
this user's credentials, not the credentials of the CF domain
account. I want to authenticate based on the remote domain user,
not the user running the ColdFusion server. Is this possible? I can
see the remote user's domain user id in the CGI.REMOTE_AUTH (or
REMOTE_USER or whatever it is) CGI variable, but how can I get IIS
and CF to pass this value throgh to SQL Server 2005 for use qith
queries?
Any assistance much appreciated.