ASPNET user in MSDE

Hello.

I am using MSDE in an ASP .NET application using forms authentication in order to the user can visit my website anonymously but have to authenticate in some pages.

Web server and MSDE server are in the same computer.

I would like to know how role I should set for the ASPNET sql server user. I am using Microsoft SQL Web Data Administrator and when I am creating the ASPNET user, then a page with some roles is shown.

Roles like public (default), db_owner, db_accessadmin, db_datareader, db_datawriter...

I had applied db_datareader and db_datawriter but now, when I use store procedures in my code, an error is made so I have applied db_owner role for the ASPNET user.

Is this correct or db_owner is a excessive privileged role for the ASPNET user?

Thank you and sorry for my English.DONT EVER GIVE THAT USER DB_OWNER!! You're setting yourself up for sql inject attacks.

The best thing to do is create a role named WebUser and add the asp.net user to that role. Then grant execute permissions to the user.

Here's the script that you need:

exec sp_addrole 'WebUser'
go
exec sp_addrolemember 'WebUser', 'MACHINENAME\ASPNET'
go
grant execute on PROCNAME to WebUser

ASP.NET Authentication for SQL Reporting

Anyone have any good examples on how to have an ASP.NET page login to the ReportingServer to view a report without passing the authentication onto the user?

I've been attempting to use the LogonUser method in the reporting web service but I'm not having any luck. I keep getting "Unauthorized" errors... Doh!

Thanks,my app had its own set of users and my requirement was that once the user logs into the app he shouldnt have to login to report server again to view a report..so I just copied the code from login.aspx in the Pages folder and in a sep aspx page and do both the authentications in the same page and after the authentication redirect to my app instead of folder.aspx...so when the user requests a report he is not prompted for the user name..dont know what you are trying to do is similar to what I did.|||Yea, that's what I'm talking about. However, the reports are protected via IIS, so I've been trying to use the LogonUser method of the ReportingService webservice but I haven't had any luck.|||

Can you share your code?

The code to log in the web service in vb is below

rs.Credentials =New NetworkCredential("user name", "password", "domain")

Additional info can be found athttp://devx.icpconline.com/Default.aspx?PageContentID=19&tabid=147

ASP.NET 2.0 with goDaddy

I was wondering if anyone successfully managed to connect to theasp.net 2.0 features (specifically authentication) with goDaddy. Theyallow you to set up the schema for 2.0 in the SQL server, but I haveyet to manage to actually CONNECT to the SQL server using VS.NET 2005.Anyone have any suggestions? Experiences?

Hello, Brother

My name is Jose Luis, I want to connect MS SQL of GoDaddy.com with Visual Studio 2005, i have the connection that Godaddy give me, it hasn't any mistake, but when i use the GridView lanch a mistake.

Code Connection:

<?

xmlversion="1.0"?>

<!--

Note: As an alternative to hand editing this file you can use the

web admin tool to configure settings for your application. Use

the Website->Asp.Net Configuration option in Visual Studio.

A full list of settings and comments can be found in

machine.config.comments usually located in

\Windows\Microsoft.Net\Framework\v2.x\Config

-->

<

configurationxmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">

<

appSettings/>

<

connectionStrings>

<

addname="Personal"connectionString="

Server=whsql-v12.prod.mesa1.secureserver.net;

Database=DB_104431;

User ID=adminzs;

Password=Admin123;

Trusted_Connection=False

"providerName="System.Data.SqlClient" />

<

removename="LocalSqlServer"/>

<

addname="LocalSqlServer"connectionString="

Server=whsql-v12.prod.mesa1.secureserver.net;

Database=DB_104431;

User ID=adminzs;

Password=Admin123;

Trusted_Connection=False

"providerName="System.Data.SqlClient" />

</

connectionStrings>

<

system.web>

<!--

Set compilation debug="true" to insert debugging

symbols into the compiled page. Because this

affects performance, set this value to true only

during development.

Visual Basic options:

Set strict="true" to disallow all data type conversions

where data loss can occur.

Set explicit="true" to force declaration of all variables.

-->

<

compilationdebug="true"strict="false"explicit="true">

<

assemblies>

<

addassembly="ADODB, Version=7.0.3300.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/></assemblies></compilation>

<

pages>

<

namespaces>

<

clear/>

<

addnamespace="System"/>

<

addnamespace="System.Collections"/>

<

addnamespace="System.Collections.Specialized"/>

<

addnamespace="System.Configuration"/>

<

addnamespace="System.Text"/>

<

addnamespace="System.Text.RegularExpressions"/>

<

addnamespace="System.Web"/>

<

addnamespace="System.Web.Caching"/>

<

addnamespace="System.Web.SessionState"/>

<

addnamespace="System.Web.Security"/>

<

addnamespace="System.Web.Profile"/>

<

addnamespace="System.Web.UI"/>

<

addnamespace="System.Web.UI.WebControls"/>

<

addnamespace="System.Web.UI.WebControls.WebParts"/>

<

addnamespace="System.Web.UI.HtmlControls"/>

</

namespaces>

</

pages>

<!--

The <authentication> section enables configuration

of the security authentication mode used by

ASP.NET to identify an incoming user.

-->

<

authenticationmode="Windows"/>

<!--

The <customErrors> section enables configuration

of what to do if/when an unhandled error occurs

during the execution of a request. Specifically,

it enables developers to configure html error pages

to be displayed in place of a error stack trace.

<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">

<error statusCode="403" redirect="NoAccess.htm" />

<error statusCode="404" redirect="FileNotFound.htm" />

</customErrors>

-->

</

system.web>

</

configuration>

and the Error is:

Database schema could not be retrieved for this conection....

Reply inmaquina007@.gmail.com

Thanks

ASP.Net 2.0 Application Connection to SQL Server 2005 - Setup Questions

All:

I am writing an Internet/Extranet based (ASP.Net 2.0) web application that uses SQL server 2005 as the database. I am using forms authentication on my web application. I am also storing the connection string to SQL server in my web config file. The conn string is encrypted using DPAPI with entropy. I currently have created a SQL login account on my SQL server for use by the web application. This is the user ID I am using in my conn string. The reason for this is because all persons using the application will NOT have a windows login.

Here is my question: The login I created currently has defaulted to the "dbo" role and therefore has "dbo" rights to the database. I want to setup up this login accountso that all it can do is execute stored procedures. I dont want this SQL login to be able to do anything else. In my application I am using stored procedures for ALL data access functions, via a data access layer in my application. Can someone guide me step by step as to how to setup this type of access for this SQL login.

Thanks,

Blue.

The dbo user/role rights cannot be changed at all. It is the intrinsic owner of all objects in sql server and has access to all of them, whether you want it or not.

What you need to do, is to create your own sql server user, something like "MyApplicationUser", that only has exec access toyour stored procedures.

Don't go messing around with the dbo user, you can mess up your sql server installation really fast.

|||

Yes that is what I have done. I created a SQL server user/login. The only issue is when I created this I did not assign to any roles except public. Currently I have NOT granted explicit permissions to this login, to any objects, yet it is still able to run the SP's. When I look at the login I created, it states that the default schema is "dbo", therefore it is giving this login way more access then it needs.

|||

Still need help, anyone have any ideas or help? Please!

|||

Hi,

You may create your own role and add your user to that role. Here's the articles for you to refer.

http://msdn2.microsoft.com/en-us/library/ms187936(SQL.90).aspx

http://msdn2.microsoft.com/en-us/library/ms173463(SQL.90).aspx

Thanks.