impersonte = true (repost)

  • Thread starter Thread starter Steve Drake
  • Start date Start date
S

Steve Drake

I am reposting this via MSDN support to get support from MS, sorry for the
repost.

All,

I have written a sharepoint webpart and sharepoint requires impersonate =
true in the web.config, but I want to connect to the DB as the id of the
application pool.

If I run RevertToSelf before the .Open, then reimpersonate the user that is
making the http request, this works, but I don't like it.

Is there a better way? I don't want to user sql authentication for other
reasons.

Sharepoint manages todo this.

Steve
 
Hi Steve,

First of all, I would like to confirm my understanding of your issue. From
your description, I understand that you need to connect to the SQL server
using the ID of the sharepoint working process in a sharepoint webpart. If
there is any misunderstanding, please feel free to let me know.

As far as I know, using the RevertToSelf fuction is the only way to go back
to the working process's ID. However, there is an alternative, that we
create another windows account and switch to that account to connect to the
SQL server and switch back when done. You can check the following KB
article for how to switch to that account.

http://support.microsoft.com/?id=306158

HTH.

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."
 
You have understood my problem.

Its more of a safety question, what I do is RevertToSelf before I make my
connection to the DB, then I run
((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate(), i
am unsure if this is safe eg will it cause problems with sharepoint, if i
don't Impersonte the logged on user after i open the db, then it does cause
problems with other webpart, but i would expect this.

What I don't like about the solution, is that i am using ummanged code to
reverttoself and managed code to impersonate , i understand that under the
hood its all win32 so it 'shouldn't matter, i would be interested to know if
sharepoint does this the same way.

Thanks for your help

Steve
 
Hi Steve,

Using ummanged code to reverttoself and managed code to impersonate doesn't
really matter. Actually, it is the only way to achieve this. I don't know
how SharePoint does, but I don't think where will be security issues here.
HTH.

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."
 
Back
Top