Menu
I have a WCF service hosted in IIS that is retrieving data from multiple sources (all SQL Server). With each data source, I have to impersonate a different Active Directory user to connect to the database. I am using Entity Framework v6.1.1 for two of the data sources. Integrated Security is set to True in the connection strings, too.
I use the example below to set the impersonated user, where the impersonated user is a System.Security.Principal.WindowsImpersonationContext that I set from configuration:
internal async Task<List<string>> GetItemsByLookupItemsAsync(List<string> lookupItems)
{
var result = new List<string>();
using (var db = new EntityFrameworkDb())
{
var query = from item in db.Table
where lookupItems.Contains(item.LookupColumn)
select item.StringColumn;
var queryResult = new List<string>();
using (GetImpersonatedUser())
{
queryResult.AddRange(await query.ToListAsync());
}
result.AddRange(queryResult.OrderBy(e => e));
}
return result;
}
The problem is that the previous code throws a SqlException saying that the account running the web service can not log on to the database. It appears that when I hit the await I lose the impersonation context.
What are some suggestions to solve this problem?
336
Generally speaking, if there are asynchronous APIs, then you should use them for new code. Asynchronous code frees up the calling thread. If your application is a GUI application, this can free up the UI thread; if your application is a server application, this can free up threads to handle other requests.
Note that there are no async versions of some LINQ operators such as Where or OrderBy, because these only build up the LINQ expression tree and don't cause the query to be executed in the database. Only operators which cause query execution have async counterparts.
ToListAsync(IQueryable)Creates a List<T> from an IQueryable by enumerating it asynchronously.
The fact that await frees the thread up to do other things means that it can remain responsive to additional user actions and input. But, even if there is no graphical user interface, we can see the advantage of freeing up a thread.
Set the legacyImpersonationPolicy to false and alwaysFlowImpersonationPolicy to true inside your web.config and restart IIS
<configuration>
<runtime>
<legacyImpersonationPolicy enabled="false"/>
<alwaysFlowImpersonationPolicy enabled="true"/>
</runtime>
</configuration>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
