I have an ASP.NET 4.0 (IIS 7.5) application running on a server(Window Server 2008 R2 Standard), named WEBSERV, and a SQL Server (2008) database on another server, named DATASERV. The SQL Server has a login setup as user for my database with read privileges. I am the owner of the AD group that is associated with the SQL Server login, named READGROUP and I use to access the database using integrated security, which I understand is Windows authentication. The ASP.NET application's app pool identity is set to NetworkService. Anonymous authentication is enabled. ASP.NET impersonation, Basic authentication, Digest Authentication, Forms authentication, Windows Authentication all disabled. I can enable these if need be. For me to give a human user read access to the database, I add them to the READGROUP.
My goal is to add a 1 non human user to the READGROUP so that the ASP.NET application can may query the database and display data in the HTML table. I have the code working on my dev box, but its operating with my credentials, which has access to the data because I'm a part of READGROUP. When the app is running on WEBSERV, its Windows Identity is showing up as "NT AUTHORITY\Network Service".
I do not want to store my password on WEBSERV like this. I have to change it every 90 days and this is a major pain to maintain, and the IT people strongly discourage it.
Is there any way to get a specific user for WEBSERV + ASP.NET + my application added to my AD group?
