Recently, some of our developers were writing an app that required impersonation from the web service, as the user, to the database. Admittedly, Kerberos isn’t one of my strong points.
There were two hops here. From the user -> IIS server and from IIS Server -> SQL Server, but the application in IIS would impersonate the [...]