SQL Server Security
-
Hi,
I am in an environment that I am sure most DBA's have encountered at least once in their career and that is the old DBA vs. Developers Zone.
. I would like to develop two things:
1. A SQL user and/or role for the developer's Applications [created with VB]to access the database. What's the best way to assits them in accomplishing a one point of reference for the connection (so they don't have change lots of code) to the database?
2. We have developer's who design applications for web users. What is the most secure way to grant these web apps access to the database based off the user?
Please help as I have tried many avenues.
Thanks,
Christine
Aurora
-
1. Setup a role first. Then give a user for this role to the developer, it should be an easy item they enter once and reference. You should be able to do one per app, set them all to the same role if applicable.
2. I usually use a single SQL account per web app. Set them to a role, again. Then use a table inside the db to validate which user it is and determine what rights to give them. Managing web apps with SQL Auth is a pain.
Steve Jones
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply