New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MSSQLConnection Active Directory Authentication #479
Comments
This is not an ORM function. This would be an authentication function in the framework you are using |
I think this is an important feature. It has to do with how one connects to the database. In some environments active directory is used to authenticate an application against the database instead of using a database username and password. This feature would be on the same level as any other database connection/configuration item. Currently, this orm uses pyodbc for connecting to mssql. This can be enabled by simply adding Trusted_Connection=yes
Notice, no username or password in the connection string. pyodbc takes care of these things behind the scene. This feature can be implemented in less than 20 lines of code and maybe touches 2 files in the orm ConnectionResolver.py & MSSQLConnection.py. If implemented correctly its a non-breaking feature. |
Oh ok I see. I thought this was related to some kind of application level authentication. Can you open a PR for this? |
This should be done by setting a connection setting like this: 'mssql': {
'driver': 'mssql',
'host': os.getenv('MSSQL_DATABASE_HOST'),
'user': os.getenv('MSSQL_DATABASE_USER'),
'password': os.getenv('MSSQL_DATABASE_PASSWORD'),
'database': os.getenv('MSSQL_DATABASE_DATABASE'),
'port': os.getenv('MSSQL_DATABASE_PORT'),
'prefix': '',
'log_queries': True,
'options': {
'trusted_connection': True
}
}, Then inside the connection we can do something like: f"DRIVER={mssql_driver};SERVER={self.host},{self.port};DATABASE={self.database};UID={self.user};PWD={self.password}{'Trusted_Connection=yes' if self.options.get('trusted_connection') else ''}" |
I’ll create the PR this weekend. |
This is wonderful. Thanks for the update. |
The feature will allow users to authenticate on a MSSQL server using their current windows user session. Currently there is no way to do this using the orm.
The text was updated successfully, but these errors were encountered: