Re: impersonation
- From: Munir Husseini <mhusseini@xxxxxxxxxxx>
- Date: Fri, 3 Jun 2005 17:27:00 +0200
Am Tue, 31 May 2005 11:42:34 -0500 schrieb Mark:
> Assume a windows domain, and a .NET windows application connecting to a SQL
> Server 2000 server on the domain. I don't want to give a windows user or
> group direct access to modifying data, or executing stored procedures. I'd
> like to use impersonation, once I've validated the user. However, I don't
> want to store the impersonation credentials in clear text, or similar.
>
> What is the recommended way of dealing with this situation? Code
> samples/link to a related article would be appreciated.
>
> Thanks in advace.
>
> Mark
Hi Mark,
System.Net.CredentialCache.DefaultCredentials returns the user running
current application.
You could use a WebService to do the database stuff. If you do so it's
quite easy to set the permissions of that WebService to a certain user
group. Then you just need to add that webservice as a web reference (which
will be inherited from SoapHttpClientProtocol class) and supply it with
these credentials before calling any methods.
I dont know any samples right now but I hope this is a good start. Hope
this helps.
Regards,
Munir Husseini
.
- Prev by Date: Re: Data-bound control- Syncing selected with data search
- Next by Date: shdocvw
- Previous by thread: Re: Data-bound control- Syncing selected with data search
- Next by thread: shdocvw
- Index(es):
Relevant Pages
|
