Batch job impersonation
-
I use impersonation for my web-site to give the site access to one and only one database. Now, the problem is that the user token don't replicate to batch-threads that I start. So I must have duplicate connection strings. And two login accounts on the sql-server. One windows, and one sql-specific. I have tried to copy the user token manually, with no success. What is "the" way to work around this? I don't want to enter the password from the code, or a config-file if it's possible.
-
I use impersonation for my web-site to give the site access to one and only one database. Now, the problem is that the user token don't replicate to batch-threads that I start. So I must have duplicate connection strings. And two login accounts on the sql-server. One windows, and one sql-specific. I have tried to copy the user token manually, with no success. What is "the" way to work around this? I don't want to enter the password from the code, or a config-file if it's possible.
You may want to take a look into using SSPI to impersonate the account. This[^] article on MSDN walks through creating a C# wrapper for the Win32 SSPI API. It is written in the context of .NET Remoting security but, if I recall correctly, the library is generic enough that it may work to solve your issue. At least, hopefully, it is a place to start. Hope that helps a bit. :) --Jesse
-
You may want to take a look into using SSPI to impersonate the account. This[^] article on MSDN walks through creating a C# wrapper for the Win32 SSPI API. It is written in the context of .NET Remoting security but, if I recall correctly, the library is generic enough that it may work to solve your issue. At least, hopefully, it is a place to start. Hope that helps a bit. :) --Jesse
Thanks a lot! -Chee that was a heavy paper. I'll read it when I come back from vacations.:zzz:
-
Thanks a lot! -Chee that was a heavy paper. I'll read it when I come back from vacations.:zzz:
My pleasure. :) I've read the article a couple of times now, and still don't think that I've managed to stay coherent all the way through. :wtf: There is a lot of stuff there. --Jesse