Is using EXECUTE AS impersonation for user authentication in a web application a good idea?
I wrote a web application that is using AD authentication (Windows) and has its own authorization module (RBAC-like). Back-end is Microsoft SQL Server.
A DBA on my team is not happy with us using a service account to talk to the database, … Continue reading Is using EXECUTE AS impersonation for user authentication in a web application a good idea?