Authentication and Authorization

This blog is about Authentication and authorization, in particular Kerberos on IIS 7.0 and later.

How to name a SPN (part 2)

As you learned last time, the full syntax of SPN name is: service class/host[:port[/service name]]...

Author: Per Nygaard Date: 06/03/2011

How to name a SPN

As previously stated, a SPN is a kind of alias for a domain account. You can have many SPN for a...

Author: Per Nygaard Date: 05/22/2011

System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITYANONYMOUS LOGIN'

Depending on how you installed SQL Server you may receve an SqlException -2146232060 when you are...

Author: Per Nygaard Date: 05/17/2011

WindowsImpersonationContext

Connecting to a database on a remote SQL Server with the end-user credentials requires that you are...

Author: Per Nygaard Date: 05/14/2011

Impersonation

The next hurdle to solve is to connect to the database with the correct user. Without doing...

Author: Per Nygaard Date: 05/06/2011

Kernel-mode authentication

First a short explanaition on how the Kerberos ticket is encrypted: The client application (e.g. a...

Author: Per Nygaard Date: 05/06/2011

Kerberos Delegation

Kerberos Delegation is a feature that allows an application to reuse the end-user credentials to...

Author: Per Nygaard Date: 05/03/2011

What is a SPN and why should you care?

I remember the first time I saw the acronym SPN when I were introduced to WCF some years ago. After...

Author: Per Nygaard Date: 04/28/2011

Introduction

Hi everyone Finally got around to setting up my blog. For those who don't know me - I'm Per Nygaard,...

Author: Per Nygaard Date: 04/28/2011