如何保存在服务器上的用户凭据运行在后台查询 [英] how to save user credentials on server for running queries in background
问题描述
背景:
我们有一个ASP.NET / Silveright Web应用程序。 Silverlight客户端显示用户
以图形形式特定数据 - 它从服务器请求的数据:
We have an ASP.NET / Silveright web application. The silverlight client displays user specific data in a graphical form - it requests the data from the server:
问题:
得到这个数据是昂贵的,由于基础数据库查询,服务器必须执行 - 因此客户不得不等待...
Problem: Getting this data is expensive, due to the underlying database queries that the server has to perform - so the client has to wait...
优化理念:
我们在服务器上定期运行的数据库查询,结果写入到
数据库中的'用户数据'表'关闭'到ASP.NET服务器运行在哪里。
Optimisation Idea: We run the database queries at regular intervals on the server, writing the results to a 'userdata' table in a database 'close' to where the ASP.NET server runs.
运行查询和写入数据到这些表的过程是
由数据采集的服务,这是从ASP.NET服务器分开执行。
The process of running the queries and writing the data to the tables is performed by a 'data collection' service, which is separated from the ASP.NET server.
当客户从用户数据表请求数据的服务器进行检索。
这应该是很好的,快速 - 我们可能在同一台计算机作为ASP.NET服务器上的用户数据表。我们也有额外的好处,客户端看到的数据,即使底层数据库处于脱机状态。
When the client requests data the server retrieves it from a 'userdata' table. This should be nice and quick - we probably have the 'userdata' tables on the same machine as the ASP.NET server. We also have the added benefit that the client sees data even if the underlying database is offline.
当然数据不能活 - 但所有的数据一旦它到达客户端可能是老
Of course the data is not live - but all data is potentially old as soon as it reaches the client.
所以现在我的问题:
数据集服务需要,以执行这些数据库的用户凭据
查询(因为每个用户得到不同的结果为相同的查询)。
So now my Problem: The 'data collection' service needs the user credentials in order to perform these database queries (because each user gets different results for the same query).
问:
我怎么可以存储用户凭据在数据库中,在可接受的'安全'的方式?
使得该数据集可模拟用户执行数据库查询。
我们最初的方案是基于使用Windows集成登录到数据库。
How can I store user credentials in a database, in an acceptable 'secure' way? Such that the 'data collection' can impersonate a user to perform the database queries. Our initial scenario is based upon using windows integrated login to the database.
推荐答案
据我了解这一点,你需要运行每个用户的查询,但你不想使这个阻塞调用。你想要一个非规范化的读取模式,的UserData的响应。
As I understand this you will need to run a query per user but you do not want to make this a blocking call. You want the responsiveness of a denormalized read model, the UserData.
我有一个想法,你,而不是存储的凭据的地方,你只需启动一个线程,并提供线程从请求采取的当前凭据。
I have an idea where you instead of storing the credentials somewhere, you simply start a thread and provide that thread with the current credentials taken from the request.
class MyClass
{
public static void DoSomething(object principal)
{
if (principal == null || !(principal is IPrincipal))
throw new ArgumentException();
Thread.CurrentPrincipal = (IPrincipal) principal;
// Do heavy querying and update UserData
}
}
我把这从ASP.NET MVC控制器是这样的:
I call this from an ASP.NET MVC Controller like this:
public ActionResult Index()
{
var t = new Thread(MyClass.DoSomething);
t.Start(User);
return View();
}
这将更新每个请求的UserData。如果你愿意,你可以介绍一些逻辑的更新频率,只让在一定条件下通话。
This would update the UserData for each request. If you want, you could introduce some logic for the update frequency and only make the call on certain conditions.
另一种方法我在想是对CQRS的心态,在那里我在这种情况下将发布包含序列化的IPrincipal 键,该消息会被消耗掉一个消息的步骤另一个实例/服务器,将更新的读出模式作为一个单独的过程。但我不确定,如果另一台服务器上反序列化的IPrincipal 将实际工作。
Another approach I was thinking about was a step towards the CQRS mindset, where I in this case would publish a message containing the serialized IPrincipal and that message would be consumed by another instance/server that would update the read model as a separate process. But I am uncertain that the IPrincipal would actually work if deserialized on another server.
反正我没有看到持续的凭据的利益。只是在一个新的线程或消耗的信息的上下文的范围内使用它们。
Anyway, I don't see the benefit of persisting the credentials. Just use them in the scope of a new thread or in the context of a message consumed.
这篇关于如何保存在服务器上的用户凭据运行在后台查询的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
