ASP.NET,IIS和SQL Server 2008

时间:2020-12-19 03:29:39

My scenario is: I have 3 separate machines for domain controller (Windows 2008), SQL Server 2008 and IIS (Windows 7).

我的方案是:我有3*立的机器用于域控制器(Windows 2008),SQL Server 2008和IIS(Windows 7)。

I am maintaining table log using a SQL Server trigger (Delete, Update, Insert), by setting suser_name() as default value e.g:

我使用SQL Server触发器(删除,更新,插入)维护表日志,通过将suser_name()设置为默认值,例如:

  • Table1: TrNo Bigint, TrDate Datetime, CDate as datetime
  • 表1:TrNo Bigint,TrDate Datetime,CDate as datetime

  • Table1_Log: TrNo Bigint, TrDate Datetime, CDate as datetime, AuditUser Varchar(100) default suser_name()
  • Table1_Log:TrNo Bigint,TrDate Datetime,CDate as datetime,AuditUser Varchar(100)default suser_name()

Whenever user updates any record, it maintain its log tables. My problem is that it always show same ComputerName in log table that configured is IIS.

每当用户更新任何记录时,它都会维护其日志表。我的问题是它总是在配置为IIS的日志表中显示相同的ComputerName。

What I did in IIS :

我在IIS中做了什么:

Application - 
               Anonymous Authentication  - Disabled
               ASP.Net Impersonation     - Disabled
               Basic Authentication      - Disabled
               Form Authentication       - Disabled    
               Windows Authentication    - Enabled
Application Pools - 
               Default Application Pool
                              Identity - Network Services

--------------------------------------------------------------

Now when I run the application it show a windows dialog box where user entered his Domain\UserName and when I edit any record, it save my computer name to AuditUser column (i-e: suser_name()).

现在,当我运行应用程序时,它会显示一个Windows对话框,用户输入了他的Domain \ UserName,当我编辑任何记录时,它将我的计算机名称保存到AuditUser列(i-e:suser_name())。

I want to save actual username that I entered in Windows dialog box. suser_name()

我想保存我在Windows对话框中输入的实际用户名。 SUSER_NAME()

Thank you

1 个解决方案

#1


0  

Your application is running as the identity specified in your IIS application pool. In order for it to connect to SQL Server as the individual identities, you will need to enable impersonation.

您的应用程序正在IIS应用程序池中指定的标识上运行。为了使其作为个人身份连接到SQL Server,您需要启用模拟。

This involves enabling impersonation in your web.config

这涉及在web.config中启用模拟

<system.web>
    ...
    <authentication mode="Windows"/>
    <identity impersonate="true"/>
    ...
</system.web>

Then in your code you use a WindowsImpersonationContext to wrap those parts of code where you would like to impersonate that user (e.g. In your case, during your database calls).

然后在您的代码中使用WindowsImpersonationContext将这些代码部分包装在您想要模拟该用户的位置(例如,在您的情况下,在数据库调用期间)。

var identity = User.Identity as WindowsIdentity;

using (var context = identity.Impersonate())
{
    // Do stuff
}

Keep in mind that means all of these users will need access rights in the database.

请记住,这意味着所有这些用户都需要在数据库中拥有访问权限。

#1


0  

Your application is running as the identity specified in your IIS application pool. In order for it to connect to SQL Server as the individual identities, you will need to enable impersonation.

您的应用程序正在IIS应用程序池中指定的标识上运行。为了使其作为个人身份连接到SQL Server,您需要启用模拟。

This involves enabling impersonation in your web.config

这涉及在web.config中启用模拟

<system.web>
    ...
    <authentication mode="Windows"/>
    <identity impersonate="true"/>
    ...
</system.web>

Then in your code you use a WindowsImpersonationContext to wrap those parts of code where you would like to impersonate that user (e.g. In your case, during your database calls).

然后在您的代码中使用WindowsImpersonationContext将这些代码部分包装在您想要模拟该用户的位置(例如,在您的情况下,在数据库调用期间)。

var identity = User.Identity as WindowsIdentity;

using (var context = identity.Impersonate())
{
    // Do stuff
}

Keep in mind that means all of these users will need access rights in the database.

请记住,这意味着所有这些用户都需要在数据库中拥有访问权限。