Re: SQL Connection Strings
- From: Erica <Erica@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 17 Nov 2008 13:32:08 -0800
The connection string does not change. And SSPI is enabled (I apologize for
supplying incorrect info in my last post). It's a web application. This is
what is happening: Based on their unique ID user A will see a list of data
and user B will see a list of different data. But if they try pulling the
data at the same time user B will see User A's dataset.
"William (Bill) Vaughn" wrote:
Okay, if you're using SQL Server authentication (because Integrated.
Security=SSPI or =True is the only other option), and the ConnectionString
is changing (I assume to reflect the credentials of the current user) then
the rights granted to the database objects are a function of the currently
assigned user. No, the query plan is not going to change based on rights.
Yes, the stored procedure might not be accessible to all users. It would
help to know more about the application. Is it a Windows Forms application?
What makes you think the SP or SQL Server will get confused?
--
__________________________________________________________________________
William R. Vaughn
President and Founder Beta V Corporation
Author, Mentor, Dad, Grandpa
Microsoft MVP
(425) 556-9205 (Pacific time)
Hitchhiker’s Guide to Visual Studio and SQL Server (7th Edition)
http://betav.com/blog/billva
____________________________________________________________________________________________
"Erica" <Erica@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BC62C027-68C9-4FC4-BAA4-E1A6844C4CD5@xxxxxxxxxxxxxxxx
Thanks for your response. However, Integrated Security is not set to
SSPI...using Enterprise Library DAAB. Could DAAB be caching result set?
"William (Bill) Vaughn" wrote:
In a Windows Forms application, when you use Integrated Security = SSPI
instead of SQL Server authentication, the current user's credentials are
passed to be authenticated at the server. In this case, each user must
have
a Login account or the user must be a member of a specific role on the
server which has been granted specific rights to the database objects.
In an ASP.NET application, it's IIS that logs on when you use Integrated
Security=SSPI so anyone accessing the web page has the same rights.
See Chapter 9 in my book or my blog for more info on connection issues
and
mechanics. www.betav.com/blog/billva
--
__________________________________________________________________________
William R. Vaughn
President and Founder Beta V Corporation
Author, Mentor, Dad, Grandpa
Microsoft MVP
(425) 556-9205 (Pacific time)
Hitchhiker’s Guide to Visual Studio and SQL Server (7th Edition)
____________________________________________________________________________________________
"Erica" <Erica@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0B7F6EEC-273D-43BD-A6E0-867625E94C7A@xxxxxxxxxxxxxxxx
Data returned from Sql through a stored procedure is dependent on what
user
is logged in. If the connection string is NOT unique, will this cause
the
connections to get mixed up and cause one user to see data another user
(also
logged in) should be seeing. If not, what might cause this?
- Follow-Ups:
- Re: SQL Connection Strings
- From: Erica
- Re: SQL Connection Strings
- References:
- SQL Connection Strings
- From: Erica
- Re: SQL Connection Strings
- From: William \(Bill\) Vaughn
- Re: SQL Connection Strings
- From: Erica
- Re: SQL Connection Strings
- From: William \(Bill\) Vaughn
- SQL Connection Strings
- Prev by Date: Re: SQL Connection Strings
- Next by Date: Re: SQL Connection Strings
- Previous by thread: Re: SQL Connection Strings
- Next by thread: Re: SQL Connection Strings
- Index(es):
Relevant Pages
|
