February 27, 2007 at 8:15 am
I'm using bcp inside a sql server stored procedure. this bcp command is using login ID and password to connect to the database and copy some rows into a file.
I would like to know if it is possible to hide the login ID and password. I don't want to hard code them in the stored procedure. or if there is a way to read those login and password from a safe place.
Thank you for your help
February 27, 2007 at 8:22 am
Here are some things you can try:
(1) Create your stored procedure with encryption so nobody can read it
(2) Use DTS instead of bcp
(3) Use Windows authentication instead of SQL
John
February 27, 2007 at 8:55 am
John has great suggestions, but how are you calling BCP? Is this something a person runs or is it automated?
February 27, 2007 at 9:03 am
Thank you guys for your replies. I really appreaciate it.
it is automated. I run it from a stored procedure.
ex: bcp "select rights from appl where order by rights" queryout \\'+@servername+'\file.txt -c -S"'+@servername+'\instance" -U"username" -P"password"
I just read about trusted connection (-T) where I don't specify username and password. is it secure enough. is it a good idea.
Bakr
February 27, 2007 at 9:10 am
Bakr
Yes, a trusted connection is the same thing as using Windows authentication. I'm not quite sure how it would work - you'd need to experiment. But I think either that the user calling the procedure would need to be mapped to a Windows login, or the owner of the procedure would need to be.
John
February 27, 2007 at 9:31 am
Yes trusted connection worked too. I just added -T to the statement and I ommited login ID and PWD.
Thanks to everybody
Bakr
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply