tags:

views:

159

answers:

2
Q: 

Replacing SqlDependency with manual code

We work in .Net 3.5, and we have SqlDependency in the code, which requires the .Net user to have CREATE permissions and other permissions.
The DBAs here want to avoid giving the .Net user such vast permissions.

Is there a way to bypass SqlDependency by manually doing what SqlDependency does? Running a background process with more permissions that the .net one and creating the necessary procedures, etc.?

Thanks!

For future reference, I just want to say that we solved the permissions issue with a very simple solution: The SqlDependency uses a different connection string with a user that has different permissions that the regular .net connection string.

A: 

Why could you not use a stored procedure to handle this task? They are one way to abstracting permissions and db logic away from your client code.

If all objects (tables, stored procedures, etc) are owned by the same owner (many times dbo) then your client permissions only need access to execute the stored procedure(s) they require.

Jamie Altizer  2010-02-23 17:30:02
+1  A: 

Use SqlNotificationRequest instead. This is the base, underlying class, on top of which SqlDependency is built. To understand how SqlDependency works, read on The Mysterious Notification.

In order to receive Query Notification you must have a valid service and queue. the service and queue cannot be shared by application instances because they will receive each-other's notification. This is why SqlDependency chooses to do a 'just-in-time' deployment of a temporary service, queue and procedure (when you call Start()) and that is what drives the requirement to have CREATE permissions.

The lower level SqlNotificationRequest does allow you to specify the service (and hence the queue) to be used, but the draw back is that the service and queue must already exist. However, you can create them during instalation phase when the setup or .msi is run by a priviledged administrator. When invoked by users the code uses the already created service. But again, you have to create a service for each application instance (ie. for each appdomain), which makes things a tad complicated.

Remus Rusanu  2010-02-23 21:10:59
+1, thanks for clearing some of that up, Remus.
Jeff Sternal  2010-02-23 21:32:43

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?