Pai*_*One 11 sql sql-server stored-procedures database-permissions sql-server-2012
我正在尝试运行尝试从系统表中选择的存储过程时遇到与权限相关的问题.基本上我试图通过直接从sys.dm_tran_current_transaction表中获取我需要的数据来解决SQL Server 2012中sp_bindtoken系统存储过程的弃用问题.
我发现的一个解决方案是:
这种方法似乎在SQL Server 2008 R2中运行良好.但是在SQL Server 2012中,即使脚本看起来运行正常,在运行时,存储过程也会在尝试从上面的系统表中进行选择时失败并显示权限错误.
USE OurDatabase
GO
CREATE CERTIFICATE OurDatabaseProcCert
FROM FILE = 'C:\Path\To\OurDatabaseProcCert.cer'
WITH PRIVATE KEY (
FILE = 'C:\Path\To\OurDatabaseProcCert.pvk',
ENCRYPTION BY PASSWORD = '$0m3$tr0ngp@$$w0rd',
DECRYPTION BY PASSWORD = '$0m3$tr0ngp@$$w0rd');
GO
USE master
GO
CREATE CERTIFICATE OurDatabaseProcCert
FROM FILE = 'C:\Path\To\OurDatabaseProcCert.cer'
WITH PRIVATE KEY (
FILE = 'C:\Path\To\OurDatabaseProcCert.pvk',
ENCRYPTION BY PASSWORD = '$0m3$tr0ngp@$$w0rd',
DECRYPTION BY PASSWORD = '$0m3$tr0ngp@$$w0rd');
GO
CREATE LOGIN OurDatabaseServerLogin
FROM CERTIFICATE OurDatabaseProcCert
GO
CREATE USER OurDatabaseServerLogin
REVOKE CONNECT SQL FROM OurDatabaseServerLogin
GO
GRANT AUTHENTICATE SERVER TO OurDatabaseServerLogin
GO
GRANT VIEW SERVER STATE TO OurDatabaseServerLogin
GO
USE OurDatabase
GO
ADD SIGNATURE TO dbo.bsp_getTransactionID BY CERTIFICATE OurDatabaseProcCert WITH PASSWORD = '$0m3$tr0ngp@$$w0rd'
CREATE Procedure bsp_getTransactionID
(
@TransactionID VARCHAR(255) OUTPUT
)
AS
BEGIN
IF @@TRANCOUNT > 0
BEGIN
SELECT SYSTEM_USER
SELECT @TransactionID = sys.dm_tran_current_transaction.transaction_id FROM sys.dm_tran_current_transaction
END
RETURN 0
END
GO
有没有人遇到过这类问题?
虽然我不明白为什么它在 2012 年会有不同的反应,但我确实想知道您是否可以通过EXECUTE AS <certificate_logon>使用CREATE PROCEDURE.
理论上,这应该与您的默认解决方案等效EXECUTE AS owner,但也许它的反应略有不同???我认为值得一试。
| 归档时间: |
|
| 查看次数: |
1057 次 |
| 最近记录: |