模拟无法建立数据库连接 [英] Impersonation failing for database connection
问题描述
我有一个SL4应用程序,该应用程序使用WCF与后端SQL Server 2008数据库进行通信.由于所调用的存储过程需要数据库权限,因此WCF服务之一需要使用专用的系统帐户连接到数据库.我试图在服务代码中使用模拟来实现解决方案,例如
I have a SL4 app that uses WCF to communicate with a backend SQL Server 2008 database. One of the WCF services needs to connect to the database with a dedicated system account due to the database permissions required by the stored procedure that is called. I have attempted to implement a solution using impersonation within the service code e.g.
int result = LogonUser(userName, domain, password,
LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, out _token);
if (result > 0)
{
ImpersonateLoggedOnUser(_token);
//Code here to call NHibernate data access code
}
我为此服务的连接字符串为:
My connection string for this service is:
<add name="MyConnection" connectionString="Data Source=servername\instance;Initial Catalog=MyDatabase;Integrated Security=SSPI" providerName="System.Data.SqlClient"/>
但是,数据访问例程仍然失败,并显示以下消息:
However, the data access routine is still failing with the following message:
用户"NT AUTHORITY \ ANONYMOUS LOGON"的登录失败.
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
在数据库连接中模拟将被忽略.有什么想法吗?
The impersonation is being ignored in the database connection. Any ideas?
推荐答案
我实际上已经通过摆脱模拟API代码并将以下内容添加到我的web.config中,设法使其正常工作:
I've actually managed to get this to work by getting rid of the impersonation API code and adding the following to my web.config:
<location path="Services/MyServiceThatNeedsHigherPermissions.svc">
<system.web>
<identity impersonate="true" userName="domain\MyAccountWithElevatedPermissions" password="******"/>
</system.web>
</location>
该服务在我的专用系统帐户的上下文中运行,并使用相同的上下文连接到SQL.
The service runs under the context of my dedicated system account and connects to SQL using the same context.
这篇关于模拟无法建立数据库连接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!