CS/WebPublisherPro was initially installed with ONLY Windows Authentication selected. After installation while we were testing using the CARS textbase, we noted that an "Anonymous Account" was used to access the SQL database, even though we didn't select Anonymous Authentication during the install. How do we set up the system so that the actual logged-on Windows User credential is used to access the SQL database

Hi Janice

I do not have expertise in this area, but I have received the following information which I hope may be helpful:

"If you are seeing 'Anonymous Login Failed' (that anonymous user is trying to access SQL) after you have specified Windows Authentication, it is possible that one of the other virtual directories is still using Anonymous access. The Virtual directory should be Integrated Windows Authentication for both the ics-wpd and the Inmagic Browse. It should also say 'Integrated Security' in your SQL connection string.
For example:
“Provider=sqloledb;Data Source=%s;Integrated Security='SSPI';Initial Catalog=_InmTextbases;", where the SQL instance name is substituted for the %s.

Make sure that TCP/IP and Names Pipes is enabled within SQL so that SQL can listen for remote client connections over TCP/IP. It is possible that either SQL cannot see the user credentials due to windows permissions or that the user is not a domain user.
When using Windows Authentication, WebPublisher passes asp.net default credentials to SQL. Then SQL asks Windows if the given default credentials are valid credentials.
Therefore to address the posted question…In order to setup WebPublisher so that it’s using the user's credentials instead of using anonymous access would be to specify the following:
1. Set Integrated or Basic Windows Authentication in IIS for both ics-wpd and Inmagic Browse.
2. The Windows user needs to be setup in such a way that allows them the proper permissions to the ini file in \ICSWeb\ folder, and at least modify permission on the \ICSWeb\Qsets\ folder. The permissions given to the user in Windows should be consistent with the permissions given in IIS. The user should also have full control over the folder containing the actual textbases.

Other factors are how the user is constructed in Active Directory or on their network. The user may need to be apart of a domain group unless SQL Server is on the same box as WebPublisher. There a lot of moving parts in this mechanism. Also, the policies and methodologies of a network can vary from one place to another. This can also be a factor on why WebPublisher is not properly using Windows Authentication. "

I hope at least this gives you some pointers!

Best wishes

Norma

Hi Norma, thanks for the information! We have been successful in getting windows authentication working for WebPublisherPro but now when an internal staff member searches the OPAC and then clicks on "my genie" the login screen presents itself and we do not want our staff to have to login. If you know how we can bypass the login screen here that would be great! Thanks, Janice

Is this what you need:

In the MyGenie.config file

Empty the <OpacPages> section, which forces the OPAC users to the Login page, which they then bypass with their Windows credentials, and My Genie then knows who they are.

<!-- pages that do not force the user to log in -->
<OpacPages>
<OpacPage>opac.aspx</OpacPage>
<OpacPage>opac_report.aspx</OpacPage>
<OpacPage>opac_checkout.aspx</OpacPage>
<OpacPage>opac_loans_search.aspx</OpacPage>
</OpacPages>


Hope this helps

Norma