Re: Maximum Number of Database Users and Roles

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 03/11/04


Date: Fri, 12 Mar 2004 10:37:29 +1100

If you don't want to use the Windows SAM or AD?

Off the top of my head, I'd recommend using a trusted subsystem.

The trusted subsystem connects to the database using a predefined security
context. The trusted subsystem also verifies the user's identity
(authenticates and authorizes) - you could store the user credentials in
Active Directory, or in an SQL Server database table, or wherever. It'll
require some refactoring of your existing code base; if you made it modular
enough to start with, then it should be relatively easy to insert.

You can get more information in the Building Secure ASP.Net book by
Microsoft. Check the Data Access Security chapter which discusses a number
of ways you can do this:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch12.asp?frame=true

Personally, with that many users, I would not be using SQL Server's internal
systems to manage users. I'd be using Active Directory or something. You
might want to ask on some of the SQL Server security groups though.

Cheers
Ken

"Barry" <no_one@home.net> wrote in message
news:uueLnK3BEHA.3184@TK2MSFTNGP09.phx.gbl...
: I unfortunately found out during a late night update that the maximum number
: of security accounts for sql server is 16379
: (http://support.microsoft.com/?id=303879).
:
: I have a web site that I had/have to change the security model for which was
: originally set up using a Windows Domain Group and users to access our sql
: server database. We were using mangled url's to pass the username and
: password to our site, which was fine, but recently, MS removed the ability
: to mangle the url. Our customers want the ability to pass their users from
: their site to our site seamlessly without any pop-up dialog (i.e. basic
: auth). One of our clients has approximately 40,000 users that need to be
: set up for the site. We are trying not to rewrite hundreds of stored procs
: to add the username and password parms, so we are kinda in a bind.
:
: How are you accessing your database using sql security accounts with > 16379
: users? Each user has to have a unique login, and we would like to use a
: built in security model, but we cannot use the Windows domain groups.
:
: Thanks,
: Barry
:
:
:
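The trusted subsystem model described in the reply above, sketched as an added example that is not code from either poster: users are rows in a credential table instead of database logins, so the 16379-account limit never applies, and the subsystem authenticates and authorizes before querying over its one fixed connection. Assumptions: in-memory SQLite stands in for SQL Server, and the table names, the `role` column and all sample accounts are hypothetical.

```python
import hashlib, hmac, os, sqlite3

# Constructed stand-in: in-memory SQLite plays the part of the SQL Server database.
# Table names, roles and sample accounts are hypothetical, not from the thread.
ITERATIONS = 200_000

def open_service_connection():
    """The only database connection, opened under the subsystem's own fixed identity."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE app_users (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB, role TEXT);
        CREATE TABLE orders (id INTEGER PRIMARY KEY, owner TEXT, item TEXT);
    """)
    return db

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def add_user(db, username, password, role):
    salt = os.urandom(16)  # per-user salt; only the salted hash is stored
    db.execute("INSERT INTO app_users VALUES (?, ?, ?, ?)", (username, salt, _hash(password, salt), role))

def authenticate(db, username, password):
    """Return the user's role, or None. End users never become database logins."""
    row = db.execute("SELECT salt, pw_hash, role FROM app_users WHERE username = ?", (username,)).fetchone()
    if row is None:
        _hash(password, b"\0" * 16)  # spend the same work for unknown usernames
        return None
    salt, stored, role = row
    return role if hmac.compare_digest(stored, _hash(password, salt)) else None

def list_orders(db, username, password):
    """Authorize inside the subsystem, then query on the user's behalf."""
    role = authenticate(db, username, password)
    if role is None:
        raise PermissionError("authentication failed")
    if role == "admin":
        return db.execute("SELECT item FROM orders ORDER BY id").fetchall()
    return db.execute("SELECT item FROM orders WHERE owner = ? ORDER BY id", (username,)).fetchall()

def demo():
    """Build the constructed sample data and return the service connection."""
    db = open_service_connection()
    add_user(db, "alice", "correct horse", "customer")
    add_user(db, "root", "s3cret-admin", "admin")
    db.executemany("INSERT INTO orders (owner, item) VALUES (?, ?)", [("alice", "widget"), ("bob", "gear")])
    return db
```

Because the database now sees only the service identity, row-level decisions such as the `owner` filter have to be enforced in the subsystem, and the verified username passed along if the database needs it for auditing.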


