Readme_Impersonation Sample

  • Article

This sample works only with SQL Server 2005 and SQL Server 2008. It will not work with any version of SQL Server earlier than SQL Server 2005.

The Impersonation sample demonstrates how to use impersonation to use the credentials passed from the client to access operating system protected resources, such as files, when you are using integrated security. By default, the credentials of the account that SQL Server runs under are used when you access these kinds of resources.

Note

This form of impersonation does not affect access to SQL Server protected resources such as tables, unless you are performing the data access to another database server (SQL Server or some other type of database server) via ADO.NET. In that case you should use impersonation during the execution of the Open method on the connection to pass the client's credentials to the remote server. Impersonation during the other ADO.NET calls are not necessary.

This sample also demonstrates how to access information about files that are contained in a directory using a common language runtime (CLR) table valued function.

Install directory: C:\Program Files\Microsoft SQL Server\100\Samples\Engine\Programmability\CLR\Impersonation\

SQL Server samples and sample databases must be downloaded and installed before you can view or work with them. For more information, see Considerations for Installing SQL Server Samples and Sample Databases.

Scenario

Jane is a developer for Adventure Works Cycles. She wants to access information about files in a directory on the server by using the credentials passed from the client.

Languages

Transact-SQL, Visual C# and Visual Basic.

Features

The Impersonation sample uses the following features of SQL Server.

Application Area Features

Overall

CLR, Security

Prerequisites

Before running this sample, make sure the following software is installed:

  • Microsoft SQL Server or Microsoft SQL Server Express. You can obtain SQL Server Express free of charge from the SQL Server Express Documentation and Samples Web site
  • The AdventureWorks database which is included with SQL Server, and is also available at the SQL Server Developer Web site.
  • The SQL Server Database Engine samples. These samples are included with SQL Server. You can download the latest version of the samples at the SQL Server Developer Web site.
  • .NET Framework SDK 2.0 or Microsoft Visual Studio 2005. You can obtain .NET Framework SDK free of charge. See Installing the .NET Framework Documentation.

Building the Sample

If you have not already created a strong name key file, generate the key file using the following instructions.

To generate a strong name key file

  1. Open a Microsoft Visual Studio 2005 command prompt. Click Start, point to All Programs, point to Microsoft .NET Framework SDK 2.0, and then click SDK Command Prompt.

    -- or --

    Open a Microsoft .NET Framework command prompt. Click Start, point to All Programs, point to Microsoft .NET Framework SDK 2.0, and then click SDK Command Prompt.

  2. Use the change directory command (CD) to change the current directory of the command prompt window to the folder where the samples are installed.

    Note

    To determine the folder where samples are located, click the Start button, point to All Programs, point to Microsoft SQL Server, point to Documentation and Tutorials, and then click Samples Directory. If the default installation location was used, the samples are located in <system_drive>:\Program Files\Microsoft SQL Server\100\Samples.

  3. At the command prompt, run the following command to generate the key file:

    sn -k SampleKey.snk

    Important

    For more information about the strong-name key pair, see "Security Briefs: Strong Names and Security in the .NET Framework" in the .NET Development Center on MSDN.

To build the Impersonation sample

  1. Compile the sample by using Visual Studio 2005 and the provided Visual Studio solution, or by using Microsoft MSBuild, which is included in the .NET Framework SDK 2.0. Run a command similar to the following at a command prompt:

    msbuild /nologo /verbosity:quiet /property:Configuration=Debug CS\ Impersonation.sln

  2. Make sure that the AdventureWorks database is installed.

  3. If you did not install the SQL Server engine samples in the default location, modify the path in the CREATE ASSEMBLY section of the script in Scripts\InstallCS.sql and Scripts\InstallVB.sql to refer to the location where the samples were installed.

  4. If you are not an administrator for the SQL Server instance you are using, you must have an administrator grant you CreateAssembly permission to complete the installation.

  5. Open the scripts\installCS.sql or scripts\installVB.sql file, depending on whether you compiled the Visual C# project or the Visual Basic project, in Microsoft SQL Server Management Studio. Run the script that is contained in the file, or run a command similar to the following at the command prompt:

    sqlcmd -E -I -i Scripts\InstallCS.sql

Running the Sample

To run the Impersonation sample

  1. In the My Documents folder, create a folder named Test.

  2. Using Notepad, create an empty text file in that folder.

  3. Adjust the security of the folder by using the Properties dialog box in Windows Explorer.

    1. Use the Advanced button on the Security tab to disable inheritance of the folder's security settings from its parent.
    2. Use the Copy option to copy the parent's security settings.
    3. Add yourself as a user who has full permissions on the folder.
    4. Remove all other users.

  4. Open the scripts\test.sql file in Management Studio or Notepad. Modify the file so that instead of calling the GetEnvironmentVariable method in the SELECT @TestDir statement, you specify a constant string for the value of the @TestDir variable. The code should be similar to the following:

    SELECT @TestDir = 'C:\Documents and Settings\ username\My Documents\Test\'

    Replace username with your actual user name.

Run the script in Management Studio or save the modified file in Notepad, and then run the following command at the command prompt:

sqlcmd -E -I -i Scripts\test.sql

Removing the Sample

To remove the Impersonation sample

  1. Open the scripts\cleanup.sql file in Management Studio. Run the script that is contained in the file, or run the following command at the command prompt:

    sqlcmd -E -I -i Scripts\cleanup.sql

Comments

The CLR for SQL Server or SQL Server Express must be enabled for this sample to work correctly.

Samples are provided for educational purposes only. They are not intended to be used in a production environment and have not been tested in a production environment. Microsoft does not provide technical support for these samples. Sample applications and assemblies should not be connected to or used with your production SQL Server database or your report server without the permission of the system administrator.

See Also

Other Resources

The SqlContext Object

Help and Information

Getting SQL Server 2008 Assistance