database-permissions

Limit Database List to Ones With Permission SQL Server

By default if you connect to a remote SQL Server via an account that has access to say 1 of the 10 databases. You will still see in the Object Explorer all other databases, obviously due to permissions you cannot actually query them, but you can see their names. I have heard that there is a method that disable this behavior, but I've b...

SQL Server 2005 - Granting permission to create stored procedures (but no other objects)

I want to grant a user permission to create, alter, and execute stored procedures, but without the ability to create other database objects. I excluded them from the role db_ddladmin, but explicitly granted the permissions "Create procedure" and "Execute". These permssions appear in the effective permissions list. However, when I try ...

PHP Access Control System

Hi. I am part of a team creating a web application using PHP and MySQL. The application will have multiple users with different roles. The application will also be used in a geographically distributed manner. Accordingly we need to create an access control system that operates at the following two levels: Controls user permissions fo...

How do I grant limited access to sysprocesses in SQL Server 2005?

I'm implementing some rudimentary SQL Server monitoring to watch for excessive blocking. I have a stored procedure that looks like this: CREATE PROCEDURE [dbo].[bsp_GetBlockedProcessCount] AS BEGIN SET NOCOUNT ON; DECLARE @count INT SELECT @count = COUNT(*) FROM master.dbo.sysprocesses WITH (NOLOCK) WHERE blocked ...

ASP.Net Membership.DeleteUser

In testing, the user on a db i've used was a big jefe. in production, he only has Execute. When i called Membership.DeleteUser(user) in testing, it worked. I try the same in production, and i get this: The DELETE statement conflicted with the REFERENCE constraint "FK__aspnet_Us__UserI__37703C52". The conflict occurred in database ...

User Granted Access to Stored Procedure but Can't Run Query

I am working on a product that runs an SQL server which allows some applications to login and their logins are granted permission to run a stored procedure- AND NOTHING ELSE. The stored procedure is owned by an admin; the stored procedure takes a query and executes it, then the results are returned to the application. Unfortunately I c...

Why can't a stored procedure read a table from another database (I must be using GRANT and DENY wrongly)

I have two Microsoft SQL Server 2000 databases, and a stored procedure on one tries to read data from the other. This used to work fine, but since I became security-conscious and changed the login (SQL user) from "db owner" to "denydatareader" the call fails. I can get things working if I use the group "datareader", but since I do not w...

Hibernate: Is there a way to programatically create new tables that resemble an existing one?

I have a web app that have many tables (each represents a POJO). I wrote mapping files for each class and then use Hibernate's SchemaExport to generate the tables in my database. Now I want to create 2 additional tables for each existing table that was created: User permission table - stores user permissions on the POJO specific to ea...

Permission rights for SQL login accessing Database for ASP.Net Application

I always wonder what are the exact access rights and permissions I need to give to a sql login which I use from my asp.net application to access database. The application execute some stored procedures which insert, update and delete data into tables. I do select, delete, update directly on the tables also. Also there are some triggers. ...

How do you store database credentials in typical CMS build on PHP?

What's the best practice to store database credentials in a CMS? Now i declare them in my Database singleton class: $this->credentials = array("hostname"=>"hostname", "username"=>"username","password"=>"password", "database"=>"database"); But it's not so intuitive to search where to change them and also i'm planning to makre inmstall f...

Grant permission to only a view

Hello everyone. I have one user in my database, and I want to grant to him permission to read only one view, nothing more, no tables, nothing. How can I do this? Thanks a lot. P.S.: I am using MS SQL Server 2005 ...

SQL Permissions to Add data and how to verify?

Hi All, I'm looking for a good way to maintain permissions on who can add data to a database in a C# app and SQL Server 2005. I need to explain though to make this clear. So let's take an example of this: I have two users Bob and Jim, both have been added to the SQL permissions so they have write access to the database. Now all access...

what is the minimum access level on a sql server the asp.net membership need?

for security reason, what is the minimum access level the asp.net membership user could have? ...

Database Permission Structure

Many of my employers applications share a similar internal permission structure for restricting data to a specific set of users or groups. Groups can also be nested. The problem we're currently facing with this approach is that enumerating the permissions is incredibly slow. The current method uses a stored procedure with many cursors a...

Postgresql: is better using multiple databases with 1 schema each, or 1 database with multiple schemas?

After this comment to a my question, im thinking if is better using 1 database with X schemas or viceversa. My situation: im developing a web-app where, when people do register, i create (actually) a database (no, its not a social network: everyone must have access to his own data and never see the data of the other user). Thats the wa...

How do I check which schemata have been granted EXECUTE permission on an Oracle object?

I need to find out which schemata have already been granted execute permission on a certain object in an Oracle 10g db (in this case, a package). What's the simplest way for me to do this? Is there a built-in function to provide this information? ...

The error "Login failed for user 'NT AUTHORITY\IUSR'" in ASP.NET and SQL Server 2008

My ASP.NET v3.5 web application is throwing the following exception when it attempts to open a connection to a SQL Server 2008 database: System.Data.SqlClient.SqlException: Cannot open database "MyDbName" requested by the login. The login failed. Login failed for user 'NT AUTHORITY\IUSR'. The thing is, I've added NT AUTHOR...

Is Oracle DBA Privilege include "CREATE ANY TABLE" role???

I Just need to create table from a user to any user under the same DB. letz consider 3 Schemas. Schema_1,Schema_2 and Schema_3. schema 1 had DBA Privilege. Is it possible to table in SChema_2 or Schema_3 from Schema_1???? or we need to give this role "CREATE ANY TABLE" also ?? ...

how to set permissions for sql database?

I'm trying to host an asp.net website using iis 5.1 on my computer using xp pro. I'm using windows authentication in iis. Folder permissions for the site are set to allow authenticated users. Impersenation has been set to true in the web.config file. The website uses a local database which works just fine when accessed through VWD expr...

What permissions should SQL Server User be granted for LinqToSql?

I am using LinqToSQL and a trusted connection to handle database selects/updates/inserts/deletes. In the past I have always used stored procedures and only granted execute permission to the Application Pool identity for the particular sproc in the database. This is my first LinqToSql project (and I really love how much it helps). I wo...