Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- From: andrew.sher@xxxxxxxxx
- Date: 16 Apr 2006 00:12:39 -0700
Thank you for replying, this has been bothering me for days. To answer
your questions, the reason I want to use membership while using windows
authentication is this site serves as an administration portal for
another site, and thus every user of this system by definition is to
have direct access to the credentials db. That other site does use
forms authentication and the membership class for everything. While the
other site is open to any public user, those in charge want to have a
more secure method of gathering/displaying aggregate user data, and
thus would like to use windows authentication so that only certain
users in their domain are able to login to the admin site. As another
layer of security, they want to be able to restrict the execution of
the aggregate stored procedures by setting exec permissions on Sql
Server to specific users, thus the reason I need to be able to
impersonate the user all the way to sql server (even though
theoretically the only people who can get into the admin site in the
first place will be those that have the credentials to also run the
aggregate sp's in the database). I know the drawbacks of impersonating
to sql server, including connection pool issues, but that's the way it
has to be. The reason I wanted to use the Membership functions in my
admin app is that they provide exactly the functionality I need since
all the data in the db is modeled around Membership. I could rewrite
all of the procedure calls, but chances are it wont be as quick or
correct as the real ones, but it looks like that's what i need to do.
On a side note, thank you Dominick for providing the ShowContexts.aspx
file on your website, I've been using it this last week and it's helped
me learn a lot about impersonation, security, etc.
.
- Follow-Ups:
- Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- From: Dominick Baier [DevelopMentor]
- Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- References:
- Membership functions connect to Sql Server as Process Identity, not user identity??
- From: andrew . sher
- Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- From: Dominick Baier [DevelopMentor]
- Membership functions connect to Sql Server as Process Identity, not user identity??
- Prev by Date: Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- Next by Date: Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- Previous by thread: Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- Next by thread: Re: Membership functions connect to Sql Server as Process Identity, not user identity??
- Index(es):
Relevant Pages
|
Loading
