Impersonation Delegation

From Guidance Share

Jump to: navigation, search

Contents

Context

Your application needs to access a downstream resource, typically a database, and you need to decide where to authorize the original caller who initiates the operation and what account to use to access the downstream resource.


Problem

  • Where to perform authorization and what account(s) to use access the downstream resource.


Forces

  • You want to use OS auditing to track an individual's operations in the database.
  • You want granular, per-user authorization in the database.
  • You don't want to trust the front-end application to perform user authorization.
  • Your application will scale enough to satisfy your requirements even without connection pooling.


Solution

  • Use an authentication mechanism that allows you to obtain delegatable credentials.
  • Impersonate the original caller's identity and make downstream calls using that identity.
  • Configure per-user ACLs at the back-end (e.g. within the database)
Personal tools