All:
I am writing an Internet/Extranet based (ASP.Net 2.0) web application that uses SQL server 2005 as the database. I am using forms authentication on my web application. I am also storing the connection string to SQL server in my web config file. The conn string is encrypted using DPAPI with entropy. I currently have created a SQL login account on my SQL server for use by the web application. This is the user ID I am using in my conn string. The reason for this is because all persons using the application will NOT have a windows login.
Here is my question: The login I created currently has defaulted to the "dbo" role and therefore has "dbo" rights to the database. I want to setup up this login accountso that all it can do is execute stored procedures. I dont want this SQL login to be able to do anything else. In my application I am using stored procedures for ALL data access functions, via a data access layer in my application. Can someone guide me step by step as to how to setup this type of access for this SQL login.
Thanks,
Blue.
The dbo user/role rights cannot be changed at all. It is the intrinsic owner of all objects in sql server and has access to all of them, whether you want it or not.
What you need to do, is to create your own sql server user, something like "MyApplicationUser", that only has exec access toyour stored procedures.
Don't go messing around with the dbo user, you can mess up your sql server installation really fast.
|||Yes that is what I have done. I created a SQL server user/login. The only issue is when I created this I did not assign to any roles except public. Currently I have NOT granted explicit permissions to this login, to any objects, yet it is still able to run the SP's. When I look at the login I created, it states that the default schema is "dbo", therefore it is giving this login way more access then it needs.
|||Still need help, anyone have any ideas or help? Please!
|||Hi,
You may create your own role and add your user to that role. Here's the articles for you to refer.
http://msdn2.microsoft.com/en-us/library/ms187936(SQL.90).aspx
http://msdn2.microsoft.com/en-us/library/ms173463(SQL.90).aspx
Thanks.
No comments:
Post a Comment