C# Impersonation of an AD user -
here's scenario need help with:
client passes files webservice, stores them on unique generated folder (just operation). webservice saves info files (location, health, etc) in database. windows service (running system) checks database changes process files. files stored in seperate database (like library) later use. operation needs done via user uploaded files webservice. tried impersonation without password passing token never got work.
any chance impersonate active directory user without password start operation specific user?
this cannot work using impersonation, , reason impersonation requires end-to-end back upwards across every single function accomplish result. in case, means entire connection stack database needs back upwards impersonation, , not case. raymond chen has nice article on impersonation explains trouble.
sql server (if server) supports form of impersonation through execute as, don't recommend doing dynamic credentials -- sounds security nightmare. you're improve off getting user identity , passing along stored procedure handles security checks without impersonating user. procedure, of course, should callable service only.
c# impersonation
No comments:
Post a Comment