我需要为每个帐户创建单独的Windows服务帐户 我的桌面环境(开发,接受和生产) 应用程序用于连接到我们的一个内部数据库。
已在这些帐户中添加了一个全局组以提供访问权限 因此需要使用模拟进行Windows身份验证访问。
加密并存储连接字符串数据 在网络上,由类库访问以确保安全。
如果我没有模拟,并使用接受连接字符串的DbContext基类的基础构造函数,那么它的工作原理是因为我的个人帐户被分配到同一个全局组。但是,当我将DbContext对象的实例化封装为模拟时,它会以内部异常表示灾难性故障而外部异常失败>州
提供商未返回
ProviderManifest个实例。
例如:
Console.WriteLine(Environment.UserName); //This shows me! So no impersonation yet!
using (new Impersonator("AppUser", "mydomain", "notapassword"))
{
Console.WriteLine(Environment.UserName); //This shows as AppUSER! So it works!
using (BillMarkContext dbContext = new BillMarkContext())
{
//Read each bill mark object
foreach (BillMarkCode code in dbContext.BillMarkCodes.AsEnumerable<BillMarkCode>())
Console.WriteLine(code.Code);
}
}
public partial class BillMarkContext : DbContext
{
private static string _connection = "Integrated Security=True;Persist Security Info=True;Initial Catalog=MyDB;Data Source=DBServer";
public BillMarkContext()
: base(_connection)
{}
public virtual DbSet<BillMarkCode> BillMarkCodes { get; set; }
protected override void OnModelCreating(DbModelBuilder modelBuilder)
{}
}
然后我尝试通过创建自己的DbConfiguration对象来硬编码连接信息,但导致错误,其中显然尝试做的不仅仅是建立可读连接。 正在尝试创建数据库,而不是我没有权利。
示例:
[DbConfigurationType(typeof(MyDbConfiguration))]
public partial class BillMarkContext : DbContext
{
public BillMarkContext()
{}
public virtual DbSet<BillMarkCode> BillMarkCodes { get; set; }
protected override void OnModelCreating(DbModelBuilder modelBuilder)
{}
}
public class MyDbConfiguration : DbConfiguration
{
public MyDbConfiguration()
{
SetProviderServices("System.Data.SqlClient", SqlProviderServices.Instance);
SetDefaultConnectionFactory(new SqlConnectionFactory("Integrated Security=True;Persist Security Info=True;Initial Catalog=MyDB;Data Source=DBServer"));
}
}
这是Code-First,我只能使用DbConfiguration找到非常简单的语句和超高级示例。关于连接/提供者信息的运行时定义,信息似乎总是针对基于模型的方法或忽略提供者的所有方式。
如何在模拟应用程序的Windows服务帐户时以编程方式配置EF Code-First方法来访问数据库而不会出现这些错误?
答案 0 :(得分:0)
所以,我想我终于解决了这个问题。在很多兔子洞里阅读大量的MSDN文章和许多个人博客都是一次冒险。在解决这个问题的过程中,我还发现了数据库访问角色的布局问题。这部分只是表明确保并验证您的角色设置正确同样重要。不要只听他们的话。我们现在已修复它们,但可能需要更多控制措施,并确保以最合适的方式管理它们。我想提供我的例子来帮助处于相同情况的其他人,并为退伍军人提供一些评论,如果他们看到一些改进机会。下面的示例仍然有点天真,因为我可以围绕SecureString做更多的事情,但我认为这不是问题的核心。所以,这里......
消费者:
[STAThread]
static void Main(string[] args)
{
try
{
string domain = "myDomain";
string userName = "myUserName";
string password = "NotAPassword"
//Using NEW_CREDENTIALS is the same as RunAs with the /netonly switch set. Local computer login is based on the
//current user. While the impersonated account will be used for remote access to resources on the network.
//Therefore authentication across the domain.
//Per MSDN, NEW_CREDENTIALS should only work with the WINNT50 provider type. However, I have verified this to work with Default.
//I'm just not sure of the long-term implications since MS made a point to specify this.
using (Impersonator.LogonUser(domain, userName, password, LogonType.NEW_CREDENTIALS, LogonProvider.LOGON32_PROVIDER_WINNT50))
{
//This will show the currently logged on user (machine), because NEW_CREDENTIALS doesn't alter this, only remote access
Console.WriteLine("Current user...{0}", WindowsIdentity.GetCurrent().Name);
using (BillMarkContext dbContext = new BillMarkContext())
{
//Read each bill mark object
foreach (BillMarkCode code in dbContext.BillMarkCodes.AsEnumerable<BillMarkCode>())
{
Console.WriteLine(code.Code);
}
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
Console.ReadLine();
}
上下文:
显然,真实世界的实现不会将连接字符串存储在静态字段中。
public partial class BillMarkContext : DbContext
{
private static string _connection4 = "Integrated Security=True;Persist Security Info=True;Initial Catalog=MyDB;Data Source=MyServer";
public BillMarkContext()
: base(_connection4)
{
//Since we're read-only
Database.SetInitializer<BillMarkContext>(null);
}
//View property setup since we're read-only
protected virtual DbSet<BillMarkCode> _billMarkCodes { get; set; }
public DbQuery<BillMarkCode> BillMarkCodes
{
get { return Set<BillMarkCode>().AsNoTracking(); }
}
protected override void OnModelCreating(DbModelBuilder modelBuilder)
{ }
}
模仿者&amp;支持课程/枚举:
[PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
internal sealed class Impersonator : IDisposable
{
#region Properties
private SafeTokenHandle _handle;
private WindowsImpersonationContext _context;
private bool _isDisposed;
public bool IsDisposed
{
get { return _isDisposed; }
private set { _isDisposed = value; }
}
#endregion
#region Constructors / Factory Methods
private Impersonator(string domain, string userName, string password, LogonType logonType, LogonProvider provider)
{
bool gotTokenHandle = NativeLoginMethods.LogonUser(userName, domain, password, (int)logonType, (int)provider, out _handle);
if (!gotTokenHandle || _handle.IsInvalid)
{
int errorCode = Marshal.GetLastWin32Error();
throw new System.ComponentModel.Win32Exception(errorCode);
}
}
public static Impersonator LogonUser(string domain, string userName, string password, LogonType logonType, LogonProvider provider)
{
Impersonator impersonator = new Impersonator(domain, userName, password, logonType, provider);
impersonator._context = WindowsIdentity.Impersonate(impersonator._handle.DangerousGetHandle());
return impersonator;
}
#endregion
#region Dispose Pattern Methods
private void Dispose(bool disposing)
{
//Allow the Dispose() to be called more than once
if (this.IsDisposed)
return;
if (disposing)
{
// Cleanup managed wrappers
if (_context != null)
_context.Dispose();
if (_handle != null && !_handle.IsClosed)
_handle.Dispose();
//Suppress future calls if successful
this.IsDisposed = true;
}
}
public void Dispose()
{
//Dispose the resource
Dispose(true);
GC.SuppressFinalize(this);
}
#endregion
internal class NativeLoginMethods
{
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
internal static extern bool CloseHandle(IntPtr handle);
}
internal sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
#region Constructors
internal SafeTokenHandle()
: base(true)
{ }
#endregion
#region Support Methods
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
protected override bool ReleaseHandle()
{
return NativeLoginMethods.CloseHandle(base.handle);
}
#endregion
}
/// <summary>
/// Logon Type enum
/// </summary>
internal enum LogonType : int
{
/// <summary>
/// This logon type is intended for users who will be interactively using the computer, such as a user being logged on by a terminal server, remote shell, or similar process. This logon type has the additional expense of caching logon information for disconnected operations; therefore, it is inappropriate for some client/server applications, such as a mail server.
/// </summary>
INTERACTIVE = 2,
/// <summary>
/// This logon type is intended for high performance servers to authenticate plaintext passwords. The LogonUser function does not cache credentials for this logon type.
/// </summary>
NETWORK = 3,
/// <summary>
/// This logon type is intended for batch servers, where processes may be executing on behalf of a user without their direct intervention. This type is also for higher performance servers that process many plaintext authentication attempts at a time, such as mail or web servers.
/// </summary>
BATCH = 4,
/// <summary>
/// Indicates a service-type logon. The account provided must have the service privilege enabled.
/// </summary>
SERVICE = 5,
/// <summary>
/// GINAs are no longer supported. Windows Server 2003 and Windows XP: This logon type is for GINA DLLs that log on users who will be interactively using the computer. This logon type can generate a unique audit record that shows when the workstation was unlocked.
/// </summary>
UNLOCK = 7,
/// <summary>
/// This logon type preserves the name and password in the authentication package, which allows the server to make connections to other network servers while impersonating the client. A server can accept plaintext credentials from a client, call LogonUser, verify that the user can access the system across the network, and still communicate with other servers.
/// </summary>
NETWORK_CLEARTEXT = 8,
/// <summary>
/// This logon type allows the caller to clone its current token and specify new credentials for outbound connections. The new logon session has the same local identifier but uses different credentials for other network connections. This logon type is supported only by the LOGON32_PROVIDER_WINNT50 logon provider.
/// </summary>
NEW_CREDENTIALS = 9
}
internal enum LogonProvider : int
{
/// <summary>
/// Use the standard logon provider for the system. The default security provider is negotiate, unless you pass NULL for the domain name and the user name is not in UPN format. In this case, the default provider is NTLM.
/// </summary>
LOGON32_PROVIDER_DEFAULT = 0,
/// <summary>
/// Use the Windows NT 3.5 logon provider.
/// </summary>
LOGON32_PROVIDER_WINNT35 = 1,
/// <summary>
/// Use the NTLM logon provider.
/// </summary>
LOGON32_PROVIDER_WINNT40 = 2,
/// <summary>
/// Use the negotiate logon provider.
/// </summary>
LOGON32_PROVIDER_WINNT50 = 3
}