<connectionStrings>
<add name="MyDbConn1"
connectionString="Server=MyServer;Database=MyDb;Trusted_Connection=Yes;"/>
<add name="MyDbConn2"
connectionString="Initial Catalog=MyDb;Data Source=MyServer;Integrated Security=SSPI;"/>
</connectionStrings>
They will also mention that you do not need impersonation on for this to work, only that the identity account for the application pool has the required access to the SQL server (normally making this account a managed domain service account). This is despite many inccorrect postings on news groups saying you must have impersonation on (people never read the scenario)
However, there is one gotcha when playing your web application underneath a currently existing .NET application. If your top level website has
<identity impersonate="true">
then you will need to put
<identity impersonate="false">
into your own web.config to override (or override in another way, this worked best for me). This is the scenario you will face with WSS or MOSS, as all the sites attempt to impersonate the current user.
