02 January,2019 by Tom Collins
ORIGINAL_LOGIN() and CURRENT_USER are useful functions in SQL Server , used to report on identities within SQL Server sessions.
The purpose of the ORIGINAl_LOGIN() is to return the value of the login which made the original connection to SQL Server.
CURRENT_USER - Returns the name of the current user. This function is equivalent to SELECT USER_NAME().
The definitions sound similar but there are some differences. When using CURRENT_USER , the value will change according to different impersonations used.
In this example , we are using the EXECUTE AS functionality - which allows a login to execute code as another login - as long as the right permissions are in place. If you run this code , assuming you have a login called "jvtest" - , you'll see the 2nd instance current user , changes to the value of the EXECUTE AS , in other words , an impersonation is in progress.
You may find that in all the cases of select CURRENT_USER you may see "dbo". To read more about this situation read select current_user shows dbo
But the ORIGINAL_LOGIN() within the EXECUTE AS functionality - will return the login used to originally connect to SQL Server.
--1st current_user
select current_user
EXECUTE AS login = 'jvtest'
--2nd current user
select current_user
select original_login()
REVERT
--3rd current user
select current_user
The ORIGINAL_LOGIN() is useful when troubleshooting issues when impersonation is adopted , and is also a useful value to record in SQL Server security audits.
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |