impersonation

  • Thread starter Thread starter Mark
  • Start date Start date
M

Mark

Assume a windows domain, and a .NET windows application connecting to a SQL
Server 2000 server on the domain. I don't want to give a windows user or
group direct access to modifying data, or executing stored procedures. I'd
like to use impersonation, once I've validated the user. However, I don't
want to store the impersonation credentials in clear text, or similar.

What is the recommended way of dealing with this situation? Code
samples/link to a related article would be appreciated.

Thanks in advace.

Mark
 
Am Tue, 31 May 2005 11:42:34 -0500 schrieb Mark:
Assume a windows domain, and a .NET windows application connecting to a SQL
Server 2000 server on the domain. I don't want to give a windows user or
group direct access to modifying data, or executing stored procedures. I'd
like to use impersonation, once I've validated the user. However, I don't
want to store the impersonation credentials in clear text, or similar.

What is the recommended way of dealing with this situation? Code
samples/link to a related article would be appreciated.

Thanks in advace.

Mark
Click to expand...

Hi Mark,

System.Net.CredentialCache.DefaultCredentials returns the user running
current application.
You could use a WebService to do the database stuff. If you do so it's
quite easy to set the permissions of that WebService to a certain user
group. Then you just need to add that webservice as a web reference (which
will be inherited from SoapHttpClientProtocol class) and supply it with
these credentials before calling any methods.

I dont know any samples right now but I hope this is a good start. Hope
this helps.

Regards,
Munir Husseini
 
Back
Top