StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POdatabase access impersonation
text
Body
copied!<p>My objective is to prevent direct user access to the database server. One way is to create a WCF service or web service in the middle between the front end application and the database server. </p> <p>First of all, the users will be authenticated to the application. Subsequently the application will connect through the WCF service to perform business logic operations. The WCF service will perform the database related operations by using one windows account. This will prevent other users to directly access the database server, since the permission will only be granted to specific one windows account.</p> <p>Here are my questions : Even though the database access is only granted to one windows account and the WCF will use this windows account to perform database related operations, is it possible to mark all database related operations with the credential of the logged in user ? </p> <p><strong>Update</strong><br> Thanks for the replies. Seems like the above scenario is not achievable. I am currently exploring the SQL 2008 Application Role feature. One of the example is <a href="http://www.codeproject.com/KB/database/AppRole.aspx" rel="nofollow noreferrer">here</a>. But after further exploration, apparently there is an issue with the connection pooling.</p> <p><strong>Update</strong><br> There is a stack overflow thread <a href="https://stackoverflow.com/questions/216758/sql-server-application-role-performance-hit">here</a> regarding SQL Server Application Role</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload