Reputation: 983
Impersonate Windows Identity in Entity Framework Core
I have an ASP.NET Core application that operates on a SQL database using Entity Framework Core. However, instead of the application pool user I would like to log in to SQL as the user sending the http request (currently using Windows Authentication through IIS). Is this supported by Entity Framework?
services.AddDbContext<Data.MyDbContext>(o =>
o.UseSqlServer(Configuration.GetConnectionString("MyConnectionString")));
My connection string is "Server=MYSERVER;Database=MyDatabase;Trusted_Connection=True;"
Upvotes: 1
Views: 2770
Answers (1)
Reputation: 983
It doesn't look like this is supported by EF. From user @divega here: https://github.com/aspnet/Home/issues/1805
Does EF have other ways to control the authentication process? Or other recommendations for authorizing individual user access to the database?
No, EF Core (as well as previous versions) is agnostic to this concern, i.e. it assumes that the underlying database connection will be capable of accessing the database."
Also explained there, as long as Windows Auth is used this can be done using WindowsIdentity.RunImpersonated() on an as-need basis, but all code within the action must be synchronous (until .NET Core adds async versions of RunImpersonated).
public void SaveChangesAsUser(WindowsIdentity identity)
{
WindowsIdentity.RunImpersonated(identity.AccessToken, this.SaveChanges);
}
Upvotes: 2
Related Questions
- Impersonation Middleware in an Asp.Net Core Intranet app for Windows-Identity
- ASP.NET Core Identity impersonate specific user
- Impersonating user with Entity Framework
- Entity Framework Core and Windows authentication on IIS Server
- windows authentication with Entity Framework and IIS
- ASP.NET Core 1.1 User Impersonation with Identity
- How to handle Microsoft Authentication in ASP.NET Entity Framework
- Entity Framework Windows Authentication with ASP.NET Impersonation
- Asp .Net Identity with entity framework
- Entity Framework and impersonation