Re: How to prevent connection string from user?

• Previous message: Sue Hoegemeier: "Re: Does MSSQL service account rights"
• In reply to: KPH: "How to prevent connection string from user?"
• Next in thread: Kevin McDonnell [MSFT]: "Re: How to prevent connection string from user?"
• Reply: Kevin McDonnell [MSFT]: "Re: How to prevent connection string from user?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 23 Aug 2004 08:08:11 -0500

> I 'm developing VB .NET application that access MSDE or SQL server. When I
> need to access DB, I directly send connection string to DB then another
user
> can filter my account and password.

I'm not sure I fully understand your question. You can build the connection
string in your application according to the security context desired. There
is no need to include your userid and password if you want users to connect
with their own security context.

When you want to connect with Windows authentication, specify "Integrated
Security=SSPI" without a userid and password. The current user's Windows
security credentials will be used. An example of such a SqlClient
connection string is "Data Source=MyServer;Initial
Catalog=MyDatabase;Integrated Security=SSPI".

When you want to connect with SQL authentication, the userid and password of
the desired SQL Server login needs to be specified. You can prompt the user
for these values, if needed. A SQL authentication SqlClient connection
string example is "Data Source=MyServer;Initial Catalog=MyDatabase;User
ID=MyLogin;Password=MyPassword".

-- 
Hope this helps.
Dan Guzman
SQL Server MVP
"KPH" <KPH@discussions.microsoft.com> wrote in message
news:031C6158-01CE-4767-B6DD-AD1F7777E0F1@microsoft.com...
> Hi all,
>
> I 'm developing VB .NET application that access MSDE or SQL server. When I
> need to access DB, I directly send connection string to DB then another
user
> can filter my account and password.
> Our program use SQL Mix Mode authentication that can use both Windows
> authentication and SLQ authentication log on.
> I would like to prevent my account and password when I use SQL
> authentication log on.
>
> How possible is it?
>
> Cheer,
> KPH

• Previous message: Sue Hoegemeier: "Re: Does MSSQL service account rights"
• In reply to: KPH: "How to prevent connection string from user?"
• Next in thread: Kevin McDonnell [MSFT]: "Re: How to prevent connection string from user?"
• Reply: Kevin McDonnell [MSFT]: "Re: How to prevent connection string from user?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Integrated Authentication (Kerberos) Problem ... Verify the SPN for the SQL service account is registered such as the ... >Thread-Topic: Integrated Authentication Problem ... A Windows XP SP1 with IE6 client machine ... (microsoft.public.inetserver.iis.security) Re: Utter madness! ... If it's going to be "tricky" to get a trusted connection to my SQL box ... certain authentication scenarios are harder in that set ... To do the service account approach, ... (microsoft.public.dotnet.framework.aspnet.security) Re: Can no longer connect as sa ... > Is there a reason you need to connect using SQL authentication? ... >> Login failed for user 'sa'. ... >> I can't figure out what is slightly different in the connection string. ... (microsoft.public.sqlserver.setup) Re: Bizzare SQL Network Error ... Try making sure the SQL account that you put into the connection string ... The reason the Windows app worked was because it used the account of the ... (microsoft.public.dotnet.framework.adonet) Re: Utter madness! ... Lots of people run SQL on other boxes. ... certain authentication scenarios are harder in that set up. ... Another reason is that you can avoid the whole Kerberos delegation ... To do the service account approach, ... (microsoft.public.dotnet.framework.aspnet.security)