| Author |
Topic |
|
shyamprasad76
Starting Member
38 Posts |
 Posted - 2002-01-10 : 12:56:09
|
| Hi,I have an application that has to run against a SQL server database.Now, I am trying to decide the security aspect of the application.I wanted to create an "Application Role" in SQL Server so that whoever access the application will be stream lined through this "Application Role" that I have created while trying to connect to the database.My question is what would be my Userid & Password when I configure the ODBC through the control panel.Alternatively if I use ADO connection string to connect to the database, what would be my userid and password? And how would I be able to specify that the application should use the "Application Role" that I have created in the SQL Server to gain access to the database.NOTE: I learnt from Books Online that I cannot add users to the application role.Please clarify,Thanks,Prasad. |
|
|
nr
SQLTeam MVY
12543 Posts |
Posted - 2002-01-10 : 15:22:35
|
| The application runs sp_setapprole to give the user permissions associated with the role.==========================================Cursors are useful if you don't know sql.Beer is not cold and it isn't fizzy. |
 |
|
|
shyamprasad76
Starting Member
38 Posts |
Posted - 2002-01-10 : 15:38:40
|
| Hi,I just wanted to get little bit more clarified.If i am running a VB project, what would be my user id and password in the connection string if i am using an 'Application role' to connect to database.The reason why i am asking this question is because we could not assaign a 'USER' to the App role and i need to put in login and pswd while craeting the DSN.Thanks for the help,Shyam.The application runs sp_setapprole to give the user permissions associated with the role. |
|
|
|
izaltsman
A custom title
1139 Posts |
|
|
nr
SQLTeam MVY
12543 Posts |
Posted - 2002-01-10 : 16:44:45
|
| The idea is that you are delegating security to the application role. Anything that can access the role gets permission to do whatever the application can.You just need to connect to the server with the application by any means. The login just needs to have permission to call sp_setapprole then the application will have permissions granted by that role.==========================================Cursors are useful if you don't know sql.Beer is not cold and it isn't fizzy. |
|
|
|
shyamprasad76
Starting Member
38 Posts |
Posted - 2002-01-11 : 11:01:59
|
| Thanks for the article. It made me clear of the whole concept.I am using RDO as the data access mode in the Visual Basic project.Do you think the whole thing (Using APP role ) is supported by RDO's.- Shyam |
|
|
|
nr
SQLTeam MVY
12543 Posts |
Posted - 2002-01-11 : 11:18:28
|
| Your first post said ado now you are talking about rdo!The application role is just a means of assigning permissions to the connection - it shouldn't matter how you connect.The first thing the application does is connects to the application role. As long as you keep the connection up you will have permission.I wonder if you really want to use an apllication role though.You are basically saying that anyone who can load the application can use it.You might want to consider mapping all the users nt accounts to a role and using nt security if you have an nt environment.==========================================Cursors are useful if you don't know sql.Beer is not cold and it isn't fizzy. |
|
|
|
AjarnMark
SQL Slashing Gunting Master
3246 Posts |
Posted - 2002-01-11 : 18:12:08
|
| If everybody using your application is going to have the same database permissions, then why bother with an AppRole? Why not just create a SQL User that has the permissions you want them to have, and have your application connect with that User ID? It seems that would also get around the concerns that "Jeffrey" raised in the article mentioned above.--------------------------------There's a new General in town... |
|
|
|
|
Sql Application Role