Re: Application roles Please Help!
From: Pura (pn2kt@yahoo.com)
Date: 01/14/03
- Next message: Paul: "Permissions question"
- Previous message: Dane Dickey: "SQL Job Running Remote Query"
- In reply to: Dan Guzman: "Re: Application roles Please Help!"
- Next in thread: Dan Guzman: "Re: Application roles Please Help!"
- Reply: Dan Guzman: "Re: Application roles Please Help!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Pura" <pn2kt@yahoo.com> Date: Tue, 14 Jan 2003 15:46:25 GMT
Dan,
May I point out that with the guest account, any server login will have
access to any db even without permissions.
"Dan Guzman" <danguzman@nospam-earthlink.net> wrote in message
news:OA7PM33uCHA.1676@TK2MSFTNGP10...
> Other databases can be accessed only via the guest user security context
> once an application role is activated. However, you don't need to grant
> permissions on the referenced object in the 'MDB_TAB_01' databases as
> long as the objects involved have the same owner. Because your objects
> are owned by 'dbo', both databases have the same owner so that the
> objects are owned by the same login.
>
> Since the guest user needs no object permissions in this scenario, this
> may appease your DBA. The application role needs permissions only on
> the objects directly referenced in the application database.
>
> --
> Hope this helps.
>
> Dan Guzman
> SQL Server MVP
>
> -----------------------
> SQL FAQ links (courtesy Neil Pike):
>
> http://www.ntfaq.com/Articles/Index.cfm?DepartmentID=800
> http://www.sqlserverfaq.com
> http://www.mssqlserver.com/faq
> -----------------------
>
> "Magnus Pettersson" <magnus@businessvision.se> wrote in message
> news:e7emsB2uCHA.2568@TK2MSFTNGP12...
> > If I do this I get
> > Server: Msg 916, Level 14, State 1, Procedure TestViewMP, Line 3
> > Server user 'Conn2000' is not a valid user in database 'MDB_TAB_01'.
> >
> > This is due to the Application role
> > I have a view called TestViewMP
> > looks like
> > CREATE VIEW dbo.TestViewMP
> > AS
> > SELECT *
> > FROM MDB_TAB_01.dbo.AAR
> > Granted to the Application role
> >
> > Magnus
> >
> > "Pura" <pn2kt@yahoo.com> wrote in message
> > news:rPFU9.612$M%5.439875740@newssvr11.news.prodigy.com...
> > > create your views as dbo then grant select to the App role. The
> remote
> > table
> > > should also be owned by dbo.
> > >
> > > "Magnus Pettersson" <magnus@businessvision.se> wrote in message
> > > news:e4GKHwzuCHA.1960@TK2MSFTNGP11...
> > > > Hi !
> > > >
> > > > We are using application roles in our client.
> > > >
> > > > Now we would like to run a remote procedure or call a
> > > > view with a table in an other database.
> > > >
> > > > Is there a workaround without using the guest account,
> > > > the DBAdmin is not fond of using the guest account, to connect to
> > another
> > > > database ?
> > > >
> > > > Any suggestion is fine
> > > >
> > > > Best regards Magnus
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: Paul: "Permissions question"
- Previous message: Dane Dickey: "SQL Job Running Remote Query"
- In reply to: Dan Guzman: "Re: Application roles Please Help!"
- Next in thread: Dan Guzman: "Re: Application roles Please Help!"
- Reply: Dan Guzman: "Re: Application roles Please Help!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
