Re: accessing remote database
- From: "William Vaughn" <billvaNoSPAM@xxxxxxxxx>
- Date: Mon, 29 Oct 2007 10:25:02 -0700
I don't put "user" credentials in the connection string--just those assigned to the application. The DBA then grants rights to a selected few stored procedures or views but NOT to any underlying tables. This dramatically reduces the surface area of vulnerability. Yes, there are also techniques that can be used to hide the ConnectionString credentials (or the string itself) but these also have crevices that can expose the string. No, I think you'll find that the limitations and other issues associated with a Web service (however sexy) outweigh the performance and flexibility you can achieve with a direct-connect approach.
--
I discuss this at length in my book an in my workshops (see www.devteach.com for the next offering).
____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant, Dad, Grandpa
Microsoft MVP
INETA Speaker
www.betav.com
www.betav.com/blog/billva
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________
Visit www.hitchhikerguides.net to get more information on my latest book:
Hitchhiker's Guide to Visual Studio and SQL Server (7th Edition)
and Hitchhiker's Guide to SQL Server 2005 Compact Edition (EBook)
-----------------------------------------------------------------------------------------------------------------------
"Andy" <kc2ine@xxxxxxxxx> wrote in message news:ejYH1UEGIHA.3980@xxxxxxxxxxxxxxxxxxxxxxx
thanks William,
yes, most of the clients are in LAN and few remote users are on WAN and connect through VPN.
My manager argues that accesing through Web Service is more secure because clients don't have connection string embeded in application. What is your opinion on that?
"William Vaughn" <billvaNoSPAM@xxxxxxxxx> wrote in message news:%23RTgJk$FIHA.5228@xxxxxxxxxxxxxxxxxxxxxxxIt depends whether it's on a LAN or a WAN. If it's a LAN use direct-connect. On a WAN use an ASP.NET application to front it or better yet, a direct-connect via VPN connection.
--
____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant, Dad, Grandpa
Microsoft MVP
INETA Speaker
www.betav.com
www.betav.com/blog/billva
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________
Visit www.hitchhikerguides.net to get more information on my latest book:
Hitchhiker's Guide to Visual Studio and SQL Server (7th Edition)
and Hitchhiker's Guide to SQL Server 2005 Compact Edition (EBook)
-----------------------------------------------------------------------------------------------------------------------
"Andy" <kc2ine@xxxxxxxxx> wrote in message news:ecXoFG2FIHA.284@xxxxxxxxxxxxxxxxxxxxxxxHi,
What is the best approach for a application havily using remote database to connect to?
Somebody suggested Web service, but isn't that slow and to big overhead for such application?
.
- References:
- accessing remote database
- From: Andy
- Re: accessing remote database
- From: William Vaughn
- Re: accessing remote database
- From: Andy
- accessing remote database
- Prev by Date: Re: SQL 2000 on SBServer 2003
- Next by Date: RE: SQL Server Management Studio don't see local SQL Server 2005 Devel
- Previous by thread: Re: accessing remote database
- Next by thread: RE: SQL Server Registration Failed.
- Index(es):
Relevant Pages
|
