SQL Server execute procedure as user

十年热恋 提交于 2020-01-24 09:42:09

问题


I have a stored procedure which loads data into a target table and works fine when run in a session with my AD credentials.

When I try to run it in a job (again with my AD details in the Run As option) suddenly the login does not have access to one of the DB's.

I used

EXEC SP1

Which worked fine.

I used (to emulate running the stored procedure in a job)

EXECUTE AS user = 'Domain\JDoe'

EXECUTE SP1

REVERT

Which failed.

Why does the stored procedure fail when running with the same credentials which are used successfully in a different session window?

Thanks in advance


回答1:


You need to set the source database to TRUSTWORTHY. Note that this has other security implications (see below).

By default in SQL Server you cannot use an assumed security context to get out of one database and into another unless the source is trusted. Setting a database to TRUSTWORTHY is how you indicate that the database is a trusted source. This is a security measure designed to prevent someone who hacks into one database from an application (via Injection, usually) from then using that as a springboard into all of the other databases in the same SQL Server. By setting it to TRUSTWORTHY you are saying "this database is secure and no one can get out who isn't supposed to."

Alter database statements like this one require that no one else is in the database when you ALTER it. You can add WITH ROLLBACK IMMEDIATE to the end of the command to throw everyone else out first. Of course that may have consequences of its own ... ;-)



来源:https://stackoverflow.com/questions/40657390/sql-server-execute-procedure-as-user

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!