RE: SQLXML Newbie Question...

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: at (Mark)
Date: 10/19/04 

Date: Tue, 19 Oct 2004 09:43:04 -0700

I want to require a password on my web serivce. In other words, I don't want
just anyone calling my service if they find the WSDL file. I'm assuming you
create SQL Server logins, but how do you pass the credentials to the service?
...or like parameters with default values, does the SQLXML toolkit
automatically add additional parameters to the call's signature?

Mark

"billr" wrote:

> On the Security tab you will find an option for "Use Basic Authentication
> (Clear Text) to SQL Server account"
>
> or have I read wrong, and you would like to require a password to your web
> service?
>
> "Mark A. Donohoe" wrote:
>
> > Ok, forgive me if this is an obvious one, but how can I configure a service
> > to require the username/password rather than specifying it with the SQLXML
> > IIS tool? I want to plae my web service on the public internet but it needs
> > to be secure.
> >
> > Also, for the record, this isn't any sensitive data or anything so even
> > sending the user/pass in plain text in the HTTP stream is fine. If anything,
> > I'm just more trying to find out how to pass the credentials because such a
> > scenario would be really great for internal use too where HTTPS, etc. isn't
> > needed and is overkill.
> >
> > So... how'd ya do it? FYI, I'm using VS.NET 2003 to develop both a Windows
> > Forms and an ASP.NET client app for the service. (I'm also working on both a
> > Pocket PC .NET Compact Framework app as well as a Pocket PC native C++ Win32
> > app and the same two for SmartPhones as well.)
> >
> > TIA,
> >
> > Mark

Relevant Pages

  • Re: Balancing security needs in ADO.NET applications
    ... See my article http://www.developer.com/db/article.php/3693236 that shows how to put together a hierarchical TableAdapter using SPs. ... Hitchhiker's Guide to Visual Studio and SQL Server ... SQL Server credentials or the application's logon/pw. ... all they can do is run specific SPs that carefully guard the data and do not permit gross operations like dropping tables or changing rights. ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Login failed for user . The user is not associated with a trusted SQL Server connection.
    ... he never mentioned he is impersonating in asp.net - so no delegation needed. ... Cassini runs with the credentials of the interactive user - which seems to have access to sql - in contrast to the local ASPNET account - which i am trying to tell him since 2 days.... ... yes - use explicit credentials and enable mixed mode auth in sql server to get this to work. ...
    (microsoft.public.dotnet.security)
  • Re: Transaction handling - Read Committed
    ... Yes this behavior is due to the Read Committed Isolation level requirements ... and has nothing really to do with SQL Server. ... As Mark pointed out you can ... >>> This query does not return with results till query 1 completes. ...
    (microsoft.public.sqlserver.programming)
  • Re: long running queries
    ... Mark is right -- you don't have much of an option with SQL Server 2000. ... >> that would result in a large data set and complex query, ... > Some of the client tools will warn you if the query looks like its going ...
    (microsoft.public.sqlserver.olap)
  • Re: Balancing security needs in ADO.NET applications
    ... you can't control security at this level) user access is determined by their ... SQL Server credentials or the application's logon/pw. ... Hitchhiker's Guide to Visual Studio and SQL Server ...
    (microsoft.public.dotnet.framework.adonet)