下午好,我正在写一个存储敏感健康信息的研究数据库的前端。我机构制定了一项政策,即用户操作由SQL Server记录,以便在发生违规时可以对服务器日志文件执行审核。
因此,策略,我不能以系统用户的身份将Django连接到数据库(否则,前端操作的所有用户将以Django系统用户的身份(而不是实际用户的身份)由服务器记录。) b
是否有一种方法可以使用按用户凭据连接到数据库,以便在前端执行的操作将作为该用户记录在db服务器上?我已经找到了很多有关使用多个数据库的信息,但是没有关于这些数据库的每个用户身份验证的信息。
谢谢您!
解决方案我能够完成通过向SQL用户授予IMPERSONATE权限,并在我需要登录models.py的数据库查询之前执行EXECUTE AS。
cursor = self.connection.cursor() try: cursor.execute( EXECUTE AS + get_current_user()除了DatabaseError如e: cursor.close ()加薪e
Good afternoon, I am writing a front-end for a research database that holds sensitive health information. My institution has a policy that user actions be logged by the SQL server so that they can perform audits on the server log files in the event of a breach.
Because of this policy, I cannot connect Django to the db as a system user (otherwise, all users of the front-end actions would be logged by the server as the Django system user instead as the actual user individually).
Is there a way to connect to the DB using per user credentials so that actions performed on the front end will be logged as that user on the db server? I have been able to find a lot of information about using multiple databases, but nothing about per user authentication of those databases.
Thank you in advanced!
解决方案I was able to accomplish this by giving the SQL user the IMPERSONATE permission and performing EXECUTE AS prior to the DB queries that I needed to have logged in models.py.
cursor = self.connection.cursor() try: cursor.execute("EXECUTE AS " + get_current_user() except DatabaseError as e: cursor.close() raise e
更多推荐
Django中的每用户数据库身份验证
发布评论