使用实体框架动态设置连接字符串时的 Silverlight 安全问题
我正在使用实体框架,并且在许多数据库和服务器上具有相同的模型。我想在运行时根据登录用户设置连接字符串。我目前正在我的 DomainService 中覆盖 CreateObjectContext() 并在那里设置连接字符串。这很好用,但我担心缺乏安全性。例如,在我的 DomainService 中,我有一个名为 SetConnectionString() 的调用方法,每次需要新实体时我都会在其中传入连接字符串。这是从 DomainContext(客户端)完成的。由于我使用的是 SQL Integrated Security,我担心有人可能会操纵 clinet 上的连接字符串并访问他们无权使用的数据库。
为我想在运行时使用的域实体动态设置连接字符串的最安全方法是什么?
我确实在数据库中有数据库名称和服务器设置,如果我传递了我的项目 ID 或其他一些信息,我可以从 DomainService 查找这些设置,但我又回到了同样的问题 - 有人可以轻松欺骗这个信息。
想法??
-斯科特
I am using Entity Framework and have the same model on many databases and servers. I want to set my connection string at runtime based on the logged in user. I am currently overriding CreateObjectContext() in my DomainService and setting the connection string there. This works great, but I'm concerned with the lack of security. For example, in my DomainService, I have an invoke method called SetConnectionString() where I pass in the connections string each time I need a new Entity. This is being done from the DomainContext (client side). Since I am using SQL Integrated Security, I am concerned that someone could manipulate the connection string on the clinet and get access to a database that they are not authorized to use.
What is the most secure way to dynamically set the connection string for the domain entity I want to use at runtime?
I do have the database name and server settings in a database that I could look up from the DomainService if I passed in my project id or some other piece of information, but I am then right back to the same issue - someone could easily spoof this info.
Ideas??
-Scott
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
希望我的答案是相关的,因为闪存开发人员面临着同样的安全问题......
使这个真正安全的唯一方法(“这个”是来自客户端代码的数据库连接)是让每个用户只有只读访问权限他们在数据库中的数据。
正如您所意识到的,没有办法阻止用户监视/修改您发送回服务器的数据。即使您对通信进行加密,用户仍然可以访问代码,如果是闪存,则可以通过简单的反编译来访问源代码。
我不是数据库开发人员,但我对您经常询问的内容进行安全审核,因此以下建议可能是错误的,但我只是用谷歌搜索,似乎您可以使用视图来限制用户(凭据集)到具体信息。
如果没有,本文似乎与您想要的内容相关:
http://technet.microsoft .com/en-us/library/cc966395.aspx
Hopefully my answer is relevant as the same security issues are faced by flash developers...
The only way to make this really secure ("this" being database connections from your client side code) is to make each user only have read-only access to their data in the database.
As you are realizing, there is no way to stop the user from monitoring/modifying data that you are sending back to the server. Even if you encrypt the communication, the user still has access to the code and in the case of flash, source code due to trivial decompilation.
I am not a DB developer, but I do security audits of stuff like you are asking often, so the following advice could be wrong, but I just googled, and it seems like maybe you could use views to restrict users (sets of credentials) to specific information.
If not, this article seems relevant to what you want:
http://technet.microsoft.com/en-us/library/cc966395.aspx
使用 ASP.NET 成员资格框架怎么样?将用户登录与框架中的登录调用联系起来,以确保用户是授权用户。将“RequiresAuthentication”属性添加到域服务中要保护的每个功能。
以下是有关通过 Silverlight 使用 ASP.NET 成员资格的更多详细信息:WCF RIA 服务 - 身份验证、角色和配置文件
What about using the ASP.NET membership framework? Tie the user login with a Login call in the framework to make sure the user an authorized user. Add a "RequiresAuthentication" attribute to each of the functions you want to protect in your domain service.
Here are more details on using ASP.NET membership with Silverlight: WCF RIA Services - Authentication, Roles, and Profiles