none
OPEN SYMMETRIC KEY and connection pooling

    Question

  • Hi,

    Does anyone know if a connection that goes back to an ADO.NET connection pool and gets reused keeps open a symmetric key that was opened in the connection and never closed ?

    I can read somewhere that the security contexts is reinitialized, but does it apply also to encryption keys ?

    thanks !

    Tuesday, February 21, 2012 9:47 PM

Answers

  • I think "security context" here refers to impersonation with EXECUTE AS, so I stand by my initial assumption.

    It would be fairly useless if the key stayed open anyway, because there is no way the client code could rely on that you get the same spid. And it would be really bad in a three-tier application where the middle tier uses the same login to access SQL Server, and users supply the password for the key.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Wednesday, February 22, 2012 8:07 AM

All replies

  • I would assume so, but why not test?


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Tuesday, February 21, 2012 10:49 PM
  • Mostly laziness, to do the client code... I will have to do it. But it should work . the BOL say that the key stays open for the duration of the session and is not influenced by the security context.
    Tuesday, February 21, 2012 11:52 PM
  • I think "security context" here refers to impersonation with EXECUTE AS, so I stand by my initial assumption.

    It would be fairly useless if the key stayed open anyway, because there is no way the client code could rely on that you get the same spid. And it would be really bad in a three-tier application where the middle tier uses the same login to access SQL Server, and users supply the password for the key.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Wednesday, February 22, 2012 8:07 AM