Re: Locking out MS Access Users...
From: Adam Machanic (amachanic_at_hotmail._removetoemail_.com)
Date: 02/24/05
- Next message: Peter: "Re: Logins created by default"
- Previous message: Sue Hoegemeier: "Re: Does it require sa to create dts package?"
- In reply to: rich: "Re: Locking out MS Access Users..."
- Next in thread: Steve Thompson: "Re: Locking out MS Access Users..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 24 Feb 2005 14:25:10 -0500
"rich" <rich@discussions.microsoft.com> wrote in message
news:134E800A-6E80-46B4-8752-5D7D4EA035CF@microsoft.com...
> Based on MS documentation, the biggest drawback for web applications is
the
> loss of connection pooling.
>
> See "Building Secure ASP.NET Applications" on the MS site.
Thanks; there is some great info there. I read the section on connection
pooling and application roles (can be found in this page:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch12.asp )
and I agree with you, given the issues it's probably not a good solution for
a web-based application. I think the simplest solution is, assign
permissions for the web app to hit the stored procedures, and don't give the
Access users any access (no pun intended :) )...
-- Adam Machanic SQL Server MVP http://www.sqljunkies.com/weblog/amachanic --
- Next message: Peter: "Re: Logins created by default"
- Previous message: Sue Hoegemeier: "Re: Does it require sa to create dts package?"
- In reply to: rich: "Re: Locking out MS Access Users..."
- Next in thread: Steve Thompson: "Re: Locking out MS Access Users..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
