Re: Securing Connection string

From: Andrea Montanari (andrea.sqlDMO_at_virgilio.it)
Date: 05/08/04 

Date: Sat, 8 May 2004 23:05:37 +0200

hi,
"qa" <anonymous@discussions.microsoft.com> ha scritto nel messaggio
news:095E2C7E-E2BB-4650-8F73-2458D142802E@microsoft.com...
> Thanks Andrea for the reply. You mentioned something like this:
>
> "I do not find this a good solution, becouse you resort to something
similar
> to an application role if all your users will login with the same
> credentials... you loose the possibility to identify users and loose
> eventually audit features"
>
> Then what do you recommend I do. How do I assign rights to the SQL Server
instance my app will be using and how to I assign the rights to my database
and it's objects. See I understand that the integrated security is
recommended to avoid the users from having to login again and again (once on
the machine and then for the sql server), but the users have to login for
the 2nd time anyways in my app (my app' first screen is username and
password). So what do you recommend I do.
>
> Please suggest.

if you really need to present a login screen, then use that provided
information to log in MSDE too..
SQL Server security is still used more then integrated security, but that
way you still have users credential for audit information and still have all
the potential of SQL Server authentication...
in your case, the first login user must still be "sa", who has to create
further "users" (with associated logins underneath) and set their
privileges, then these additional users are granted login to your app too...
your application's user management forms must be stricly integrate with SQL
Server logins/db-users management.. 

-- 
Andrea Montanari (Microsoft MVP - SQL Server)
http://www.asql.biz/DbaMgr.shtm        http://italy.mvps.org
DbaMgr2k ver 0.7.0  -  DbaMgr ver 0.53.0
(my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
interface)
--------- remove DMO to reply

Relevant Pages

  • Re: Login failed for user NT AUTHORITYANONYMOUS LOGON
    ... Do you want the Windows App ... This means that each application user will have to have a SQL Server login ... > Web service on a w2K3 server, using integrated authentication, web.config ...
    (microsoft.public.dotnet.distributed_apps)
  • Re: VB6 Using ADO to Login to SQL Server using NT Authentication
    ... SQL Login and NT Login are in the group that SQL Server security login ... The SQL Server is setup for NT ... achieve this your app will need to impersonate an NT account that is valid ...
    (microsoft.public.vb.database.ado)
  • Re: Login problem
    ... that MSDN article was exactly what I needed. ... you would not want to use a UID parameter, that is for SQL Server ... My app requires a user to login to the database. ...
    (microsoft.public.sqlserver.security)
  • Login problem
    ... This is probably all due to my limited understanding of SQL Server security, ... My app requires a user to login to the database. ... SQL Server is set up to use mixed authentication. ...
    (microsoft.public.sqlserver.security)
  • Re: Error Message When Connecting to SQl Server Data
    ... > How do I telnet on port 1433, and How do I grant login to my MSDE ... SQL Server Windows logins... ... Andrea Montanari (Microsoft MVP - SQL Server) ...
    (microsoft.public.sqlserver.msde)