Hi,
In an existing ASP/ASP.NET 1.1 app running on IIS 6, I need to RELIABLY
pass the logged in username through to the SQL Server 2000 database for
auditing purposes. The current method is hideously unreliable. The app
includes updategrams, XML Templates and ADO connections.
I don't want to use impersonation because of the direct db access that
allows.
So, at the start of each connection I pass the username to a table and
save it against the @@spid (Primary Key). The audit triggers then look
up the username for that connection when they are triggered.
At the end of the connection I remove the entry from the table.
First of all, what do you think of the solution? Secondly, can I leave
connection pooling on when using this method? I think I can. To get the
wrong name passed through you'd have to forget to set the username on
that connection AND forget to remove it on another connection.
Cheers,
James
2  2322 
you will have to turn pooling off. with pooling on, every query fetchs a
connection from the pool and returns it. therefore the same connection can
be used by tw page requests, and the same page may use serveral different
connections.
for example
......
cmd.ExecuteNonQuery()
......
cmd.ExecuteNonQuery()
are may not use the same connection.if connection pooling is on.
-- bruce (sqlwork.com)
"JimLad" <ja*********@yahoo.co.ukwrote in message
news:11**********************@m73g2000cwd.googlegr oups.com...
Hi,
In an existing ASP/ASP.NET 1.1 app running on IIS 6, I need to RELIABLY
pass the logged in username through to the SQL Server 2000 database for
auditing purposes. The current method is hideously unreliable. The app
includes updategrams, XML Templates and ADO connections.
I don't want to use impersonation because of the direct db access that
allows.
So, at the start of each connection I pass the username to a table and
save it against the @@spid (Primary Key). The audit triggers then look
up the username for that connection when they are triggered.
At the end of the connection I remove the entry from the table.
First of all, what do you think of the solution? Secondly, can I leave
connection pooling on when using this method? I think I can. To get the
wrong name passed through you'd have to forget to set the username on
that connection AND forget to remove it on another connection.
Cheers,
James
Not quite correct. You won't get a different connection for each query.
Connection pooling gives you an idle open connection instead of opening a
new one when you call SqlConnection.Open(). Then when you close (or
dispose) the connection it is returned to the pool instead of really being
closed.
The solution will work so long as the user name is passed after each time a
connection is opened.
David
"bruce barker (sqlwork.com)" <b_*************************@sqlwork.comwrote
in message news:OY**************@TK2MSFTNGP04.phx.gbl...
you will have to turn pooling off. with pooling on, every query fetchs a
connection from the pool and returns it. therefore the same connection can
be used by tw page requests, and the same page may use serveral different
connections.
for example
.....
cmd.ExecuteNonQuery()
.....
cmd.ExecuteNonQuery()
are may not use the same connection.if connection pooling is on.
-- bruce (sqlwork.com)
"JimLad" <ja*********@yahoo.co.ukwrote in message
news:11**********************@m73g2000cwd.googlegr oups.com...
>Hi,
In an existing ASP/ASP.NET 1.1 app running on IIS 6, I need to RELIABLY
pass the logged in username through to the SQL Server 2000 database for
auditing purposes. The current method is hideously unreliable. The app
includes updategrams, XML Templates and ADO connections.
I don't want to use impersonation because of the direct db access that
allows.
So, at the start of each connection I pass the username to a table and
save it against the @@spid (Primary Key). The audit triggers then look
up the username for that connection when they are triggered.
At the end of the connection I remove the entry from the table.
First of all, what do you think of the solution? Secondly, can I leave
connection pooling on when using this method? I think I can. To get the
wrong name passed through you'd have to forget to set the username on
that connection AND forget to remove it on another connection.
Cheers,
James
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: JWM |
last post by:
I am trying to implement Oracle connection pooling for the following code,
which was written by someone else. Here is my main question -- this java
file creates code that is executed every hour,...
|
by: Mithun Verma |
last post by:
Hello All,
I am working on a windows application which will talk to the database
through the Web services.
So i need to enhaance the performance, for which i m using connection
|
by: Rob Nicholson |
last post by:
We're getting an occasional occurrence of the following error when two users
try and open the same record in our ASP.NET app:
"There is already an open DataReader associated with this Connection...
|
by: Zlatko Matić |
last post by:
Hello.
In ODBC Data Source Administrator, there is a tab "Connection Pooling" and
option "PerfMon" Enable/Disable.
Could someone explain the meaning of the option and how it reflects to
Access...
|
by: Terry Holland |
last post by:
I have an intranet application that comprises an ASP.Net application
connecting to a SQL Server DB
The application has 150 users. At the moment I am connecting using the
following setup
I have...
|
by: crbd98 |
last post by:
Hello All,
Some time ago, I implemented a data access layer that included a simple
connectin pool. At the time, I did it all by myself: I created N
connections, each connection associated with...
|
by: fniles |
last post by:
In the Windows application (using VB.NET 2005) I use connection pooling like
the following:
In the main form load I open a connection using a connection string that I
stored in a global variable...
|
by: viswarajan |
last post by:
Introduction
This article is to go in deep in dome key features in the ADO.NET 2 which was shipped with VS 2005.
In this article I will go trough one of the key features which is the Connection...
|
by: liquidfirex |
last post by:
I have looked at all documentation I can find but still cannot find the answer to my simple question! When connection pooling is enabled, all individual connections still maintain their own SPID...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
