0

I have an application that authenticates and authorizes the users within application. The application then connects to the database using a service ID. because of this, all actions on the database are run as the application and not the end user. I now have a requirement to tie all database actions to the end user. Can anyone tell me at a high level a couple of ways to solve this?

thanks

user2219930
  • 125
  • 17

1 Answers1

0

I know of two high level approaches. One is to use something like [Kerberos Delegation (Kerberos, delegation and how to do this correctly?) to actually take the user's authentication and log into the database as a user. The much more common approach is to store the end-user's ID in all created or updated rows and to trust the application to do this correctly.

Community
  • 1
  • 1
Sam Hartman
  • 6,210
  • 3
  • 23
  • 40