We have implemented Row Level Security (RLS) in Azure SQL Database for isolating the data of each Tenant following the example here https://docs.microsoft.com/en-us/sql/relational-databases/security/row-level-security?view=sql-server-ver15#MidTier
For integrating this with LLBLGen we have the following code
public DataAccessAdapterBase Get(decimal tenantId)
{
var adp = new DataAccessAdapter();
adp.KeepConnectionOpen = true;
adp.ActiveRecoveryStrategy = new SqlAzureRecoveryStrategy();
var sql = $"EXEC sp_set_session_context @key=N'TenantId', @value={tenantId}, @read_only=1;";
adp.ExecuteSQL(sql);
return adp;
}
Is this approach secure? Is it safe to set the session this way for each adapter?