Re: Limiting views on data in a table
From: Mike Lerch (mlerchNOSPAMTHANKS_at_nycap.rr.com)
Date: 06/13/03
- Next message: Steve Thompson: "Re: Auditing in SQL Server 7.0"
- Previous message: sajith: "Auditing in SQL Server 7.0"
- In reply to: Dejan Sarka: "Re: Limiting views on data in a table"
- Next in thread: Dejan Sarka: "Re: Limiting views on data in a table"
- Reply: Dejan Sarka: "Re: Limiting views on data in a table"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 13 Jun 2003 13:40:56 -0400
On Fri, 13 Jun 2003 10:27:47 +0200, "Dejan Sarka"
<dejan_please_reply_to_newsgroups.sarka@avtenta.si> wrote:
>Mike,
>
>Maybe you could help yourself with the SUSER_SNAME() system function - it
>returns the Windows login the user uses to connect to SQL Server. You could
>use it in the WHERE clause of your single stored procedure for everybody to
>compare the current user t the user4 stored in the access table. This way
>even if the user comes to the SP directly (s)he won't be able to see
>anything but own rows.
I just thought of a catch: the reports will come from an intranet
app...the SQL Server is going to be accessed through an ASP.NET
process account, not the user's original login (though I was going to
pass the login name as a parameter in the stored procedure). Couldn't
they still access it directly and, when the procedure prompted them to
enter the criteria, just enter someone else's username?
This stuff gets so complex so fast!
Lerch
- Next message: Steve Thompson: "Re: Auditing in SQL Server 7.0"
- Previous message: sajith: "Auditing in SQL Server 7.0"
- In reply to: Dejan Sarka: "Re: Limiting views on data in a table"
- Next in thread: Dejan Sarka: "Re: Limiting views on data in a table"
- Reply: Dejan Sarka: "Re: Limiting views on data in a table"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
