Django中的每用户数据库身份验证 [英] Per user database authentication in Django
问题描述
下午好,
我正在写一个存储敏感健康信息的研究数据库的前端。我机构制定了一项政策,即用户操作由SQL Server记录,以便在发生违规时可以对服务器日志文件执行审核。
因此,策略,我不能以系统用户的身份将Django连接到数据库(否则,前端操作的所有用户将以Django系统用户的身份(而不是实际用户的身份)由服务器记录。) b
是否有一种方法可以使用按用户凭据连接到数据库,以便在前端执行的操作将作为该用户记录在db服务器上?我已经找到了很多有关使用多个数据库的信息,但是没有关于这些数据库的每个用户身份验证的信息。
谢谢您!
我能够完成通过向SQL用户授予IMPERSONATE权限,并在我需要登录models.py的数据库查询之前执行EXECUTE AS。
cursor = self.connection.cursor()
try:
cursor.execute( EXECUTE AS + get_current_user()
除了DatabaseError如e:
cursor.close ()
加薪e
Good afternoon, I am writing a front-end for a research database that holds sensitive health information. My institution has a policy that user actions be logged by the SQL server so that they can perform audits on the server log files in the event of a breach.
Because of this policy, I cannot connect Django to the db as a system user (otherwise, all users of the front-end actions would be logged by the server as the Django system user instead as the actual user individually).
Is there a way to connect to the DB using per user credentials so that actions performed on the front end will be logged as that user on the db server? I have been able to find a lot of information about using multiple databases, but nothing about per user authentication of those databases.
Thank you in advanced!
I was able to accomplish this by giving the SQL user the IMPERSONATE permission and performing EXECUTE AS prior to the DB queries that I needed to have logged in models.py.
cursor = self.connection.cursor()
try:
cursor.execute("EXECUTE AS " + get_current_user()
except DatabaseError as e:
cursor.close()
raise e
这篇关于Django中的每用户数据库身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!