模拟无法建立数据库连接 [英] Impersonation failing for database connection

问题描述

我有一个SL4应用程序，该应用程序使用WCF与后端SQL Server 2008数据库进行通信.由于所调用的存储过程需要数据库权限，因此WCF服务之一需要使用专用的系统帐户连接到数据库.我试图在服务代码中使用模拟来实现解决方案，例如

I have a SL4 app that uses WCF to communicate with a backend SQL Server 2008 database. One of the WCF services needs to connect to the database with a dedicated system account due to the database permissions required by the stored procedure that is called. I have attempted to implement a solution using impersonation within the service code e.g.

int result = LogonUser(userName, domain, password,
    LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, out _token);

if (result > 0)
{
    ImpersonateLoggedOnUser(_token);
    //Code here to call NHibernate data access code
}

我为此服务的连接字符串为:

My connection string for this service is:

<add name="MyConnection" connectionString="Data Source=servername\instance;Initial Catalog=MyDatabase;Integrated Security=SSPI" providerName="System.Data.SqlClient"/>

但是，数据访问例程仍然失败，并显示以下消息:

However, the data access routine is still failing with the following message:

用户"NT AUTHORITY \ ANONYMOUS LOGON"的登录失败.

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

在数据库连接中模拟将被忽略.有什么想法吗?

The impersonation is being ignored in the database connection. Any ideas?

推荐答案

我实际上已经通过摆脱模拟API代码并将以下内容添加到我的web.config中，设法使其正常工作:

I've actually managed to get this to work by getting rid of the impersonation API code and adding the following to my web.config:

  <location path="Services/MyServiceThatNeedsHigherPermissions.svc">
    <system.web>
      <identity impersonate="true" userName="domain\MyAccountWithElevatedPermissions" password="******"/>
    </system.web>
  </location>

该服务在我的专用系统帐户的上下文中运行，并使用相同的上下文连接到SQL.

The service runs under the context of my dedicated system account and connects to SQL using the same context.

这篇关于模拟无法建立数据库连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！