Changing to mixed mode

From: mike wade (michael.wade1@btinternet.com)
Date: 08/09/02 

From: "mike wade" <michael.wade1@btinternet.com>
Date: Fri, 9 Aug 2002 08:24:50 -0700

Im probably not answering your question as such, but if
you force all data access through stored procedures and do
not grant the users permissions to the tables then you
shouldnt have the problem of users trying to access the
data directly, so problem solved.

It is also good practice to have all access through SP s
anyway because this insulates the client applications from
structural changes in the database.

>-----Original Message-----
>Hi,
>
>We have an SQL 2000 server on a domain and are producing
some ASP
>applications (residing on a windows 2000 server running
IIS5) which
>access data in a number of different databases. The SQL
server is
>currently set for windows authentication only. We want
to allow
>groups of domain users to use the application to get data
from the SQL
>server but do not want them to have any other way of
connecting to the
>data (eg ODBC). This is because the ASP application/s
need to filter
>the data in certain tables depending on who the user is.
>
>So we are discussing moving over to mixed authentication
and letting
>the applications connect to the SQL server using an SQL
account/s.
>
>I just need to know if there are any security
inplications of doing
>things this way.
>
>Thank you in advance
>
>Richard
>.
>

Relevant Pages

  • Re: Q: Named pipes and Windows (integrated) authentication
    ... >By the way, if you don't have SQL Enterprise Manager, there's an MSDE ... >>>his windows authentication to connect to the server. ... >>>Creating databases is only acomplished after you've already connected. ...
    (microsoft.public.sqlserver.connect)
  • Re: ASP.NET Application Gets Frequent SQL Timeout Exceptions
    ... I'd imagine you've never worked in a real data center where you have a tone of server-based products and mainframes where a lot of the windows applications were written in VB6 and/or COM and must run as a foreground application on the server. ... There is a single connection defined in the web.config file that is only used for the ASP.NET application. ... Typically when I notice the problem, I do not see any SQL activity or any blocking and I do not see any real CPU activity either. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Connection Pooling
    ... Any idea where and how we can limit the number of connections to SQL ... that's what I mean when I say SQL authentication (SQL Server has ... >>> If you are using Windows Authentication you may or not has a problem. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: server error 18456 when trying to login
    ... I do not think the problem is SQL server as it looks like I now have ... will you check out your Windows Event Logs to have more info about ... password changed to log onto my machine (windows authentication) so ...
    (microsoft.public.sqlserver.setup)
  • Re: User ID issue - urgent
    ... And one other thought....if you changed the authentication to SQL ... Server and Windows Authentication from Windows Only, ... Does this involve a connection string at all or are you trying through ...
    (microsoft.public.sqlserver.security)
Loading