e.g. Make it so that you could limit it to a max 2 connections for a given technical account, the third connection being blocked repeatedly until one of the others is given up
例如使它可以限制为给定技术帐户的最多2个连接,第三个连接被反复阻止,直到其中一个连接被放弃
3 个解决方案
#1
2
Yes but you need a tiny bit of SQL code. You can enforce any policy you like by creating a Logon Trigger. This trigger is new to SQL Server 2005 SP2 (it is not in RTM version afaik) and is run every time a connection is established, before any statement is accepted from said connection. Make sure you use a proper EXECUTE AS clause for your trigger. In the trigger you can inspect sys.dm_exec_sessions and sys.dm_exec_connections and decide if the new connection is allowed yes/no. Pleas note that on SQL 2005 the number of sessions is not necessarily equal with the number of connections, because of MARS. You should decide your policy if you allow 2 connections or 2 sessions.
是的但你需要一点点SQL代码。您可以通过创建登录触发器来强制执行您喜欢的任何策略。此触发器是SQL Server 2005 SP2的新增功能(它不是RTM版本afaik),并且在每次建立连接时运行,在从所述连接接受任何语句之前。确保为触发器使用正确的EXECUTE AS子句。在触发器中,您可以检查sys.dm_exec_sessions和sys.dm_exec_connections,并确定是否允许新连接是/否。请注意,在SQL 2005上,由于MARS,会话数不一定等于连接数。如果您允许2个连接或2个会话,则应确定您的策略。
#2
0
To my knowledge this is not possible through the SQL Server Security implementation itself.
据我所知,这不可能通过SQL Server安全实现本身实现。
You can however, globally configure the maximum number of connections to SQL Server.
但是,您可以全局配置到SQL Server的最大连接数。
I believe would need to control/filter/screen all connections to SQL Server, externally to the database engine, in order to achieve this.
我认为需要控制/过滤/屏蔽SQL Server外部与数据库引擎的所有连接,以实现这一目标。
#3
0
You can't do it declaratively on the server side. You could certainly do it in tsql code if you want to trust the application to enforce itself.
您无法在服务器端以声明方式执行此操作。如果您想要信任应用程序来强制执行自己,那么您肯定可以在tsql代码中执行此操作。
#1
2
Yes but you need a tiny bit of SQL code. You can enforce any policy you like by creating a Logon Trigger. This trigger is new to SQL Server 2005 SP2 (it is not in RTM version afaik) and is run every time a connection is established, before any statement is accepted from said connection. Make sure you use a proper EXECUTE AS clause for your trigger. In the trigger you can inspect sys.dm_exec_sessions and sys.dm_exec_connections and decide if the new connection is allowed yes/no. Pleas note that on SQL 2005 the number of sessions is not necessarily equal with the number of connections, because of MARS. You should decide your policy if you allow 2 connections or 2 sessions.
是的但你需要一点点SQL代码。您可以通过创建登录触发器来强制执行您喜欢的任何策略。此触发器是SQL Server 2005 SP2的新增功能(它不是RTM版本afaik),并且在每次建立连接时运行,在从所述连接接受任何语句之前。确保为触发器使用正确的EXECUTE AS子句。在触发器中,您可以检查sys.dm_exec_sessions和sys.dm_exec_connections,并确定是否允许新连接是/否。请注意,在SQL 2005上,由于MARS,会话数不一定等于连接数。如果您允许2个连接或2个会话,则应确定您的策略。
#2
0
To my knowledge this is not possible through the SQL Server Security implementation itself.
据我所知,这不可能通过SQL Server安全实现本身实现。
You can however, globally configure the maximum number of connections to SQL Server.
但是,您可以全局配置到SQL Server的最大连接数。
I believe would need to control/filter/screen all connections to SQL Server, externally to the database engine, in order to achieve this.
我认为需要控制/过滤/屏蔽SQL Server外部与数据库引擎的所有连接,以实现这一目标。
#3
0
You can't do it declaratively on the server side. You could certainly do it in tsql code if you want to trust the application to enforce itself.
您无法在服务器端以声明方式执行此操作。如果您想要信任应用程序来强制执行自己,那么您肯定可以在tsql代码中执行此操作。