stackoom
  简体   繁体   中英

asp.net SQL Server Authentication using Windows Authentication

 原文  2018-03-25 13:25:51       c#/ asp.net/ sql-server/ authentication

Question

I am currently working on a ASP.NET admin dashboard. The app pool for this IIS website is running with a domain user, which is used to connect to a SQL Server that holds various data for the webpage.

Now, on this website I want to connect to many different SQL Servers using either SQL Server Authentication (if the SQL Server is in a different domain) or Windows Authentication (a separate Windows Account for each SQL Server).

In SQL Server Reporting Services we can create data sources and define how to connect to the databases - basically I want to do the same, but within my ASP.NET code. The authentication information will be stored in a SQL Table (encrypted) accessed by the app pool user.

And no - I can't use SQL Server Reporting Services =)

Additionally, I need to connect to SQL Servers starting 2005 up to 2017 or any upcoming new version. I will have 5 - 100 Servers that I need to query (depending on the scenario).

How can I do that? Did anybody implement something like this? Do you have any tutorials or references?

Thanks in advance

1 answers

solution1
 0  2018-03-26 11:39:20

In order to that, I need to use an UserImpersonation Class provided by the "UserImpersonation" nuget package.

Here is a code snippet with which I've test the three authentication methods:

  • App Pool Identity
  • SQL Server Authentication

  • Windows Authentication with Impersonation 

     public string TestLogin(string UserName, string Password, string Auth, string Domain) { string thisLogin = ""; //App Pool Identity if (Auth.Equals("local")) { using (SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["sqlConn"].ToString())) { SqlCommand cmd = new SqlCommand("SELECT SUSER_SNAME()", cn); cn.Open(); SqlDataReader rdr = cmd.ExecuteReader(); while (rdr.Read()) { thisLogin = rdr[0].ToString(); } cn.Close(); } } if(Auth.Equals("SQL")) { using (SqlConnection cn = new SqlConnection("Data Source = .\\\\D01; Initial Catalog = master; Integrated Security = false; User ID = " + UserName + "; Password=" + Password + ";")) { SqlCommand cmd = new SqlCommand("SELECT SUSER_SNAME()", cn); cn.Open(); SqlDataReader rdr = cmd.ExecuteReader(); while(rdr.Read()) { thisLogin = rdr[0].ToString(); } cn.Close(); } } if(Auth.Equals("Remote")) { string login = UserName; string domain = Domain; string password = Password; using (UserImpersonation user = new UserImpersonation(login, domain, password)) { if (user.ImpersonateValidUser()) { using (SqlConnection cn = new SqlConnection("Data Source = .\\\\D01; Initial Catalog = master; Integrated Security = SSPI;")) { SqlCommand cmd = new SqlCommand("SELECT SUSER_SNAME()", cn); cn.Open(); SqlDataReader rdr = cmd.ExecuteReader(); while (rdr.Read()) { thisLogin = rdr[0].ToString(); } cn.Close(); } } } } if(thisLogin.Equals("")) { thisLogin = "User failed"; } return thisLogin; }

It's not perfect - but it should work.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Connecting SQL Server with ASP.NET using Windows Authentication Use ADFS-based authentication inside ASP.NET Core to access a SQL Server using Windows authentication? ASP.NET SQL Server Database Authentication Window authentication in sql server and asp.net Using Windows Authentication in ASP.NET using roles in asp.net with windows authentication ASP.NET Forms Authentication and Windows Authentication Windows authentication with asp.net windows authentication in asp.net Windows authentication in asp.net 5
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM