By default if you connect to a remote SQL Server via an account that has access to say 1 of the 10 databases. You will still see in the Object Explorer all other databases, obviously due to permissions you cannot actually query them, but you can see their names. I have heard that there is a method that disable this behavior, but I've b...
I want to grant a user permission to create, alter, and execute stored procedures, but without the ability to create other database objects. I excluded them from the role db_ddladmin, but explicitly granted the permissions "Create procedure" and "Execute". These permssions appear in the effective permissions list. However, when I try ...
Hi. I am part of a team creating a web application using PHP and MySQL. The application will have multiple users with different roles. The application will also be used in a geographically distributed manner. Accordingly we need to create an access control system that operates at the following two levels: Controls user permissions fo...
I'm implementing some rudimentary SQL Server monitoring to watch for excessive blocking. I have a stored procedure that looks like this: CREATE PROCEDURE [dbo].[bsp_GetBlockedProcessCount] AS BEGIN SET NOCOUNT ON; DECLARE @count INT SELECT @count = COUNT(*) FROM master.dbo.sysprocesses WITH (NOLOCK) WHERE blocked ...
In testing, the user on a db i've used was a big jefe. in production, he only has Execute. When i called Membership.DeleteUser(user) in testing, it worked. I try the same in production, and i get this: The DELETE statement conflicted with the REFERENCE constraint "FK__aspnet_Us__UserI__37703C52". The conflict occurred in database ...
I am working on a product that runs an SQL server which allows some applications to login and their logins are granted permission to run a stored procedure- AND NOTHING ELSE. The stored procedure is owned by an admin; the stored procedure takes a query and executes it, then the results are returned to the application. Unfortunately I c...
I have two Microsoft SQL Server 2000 databases, and a stored procedure on one tries to read data from the other. This used to work fine, but since I became security-conscious and changed the login (SQL user) from "db owner" to "denydatareader" the call fails. I can get things working if I use the group "datareader", but since I do not w...
I have a web app that have many tables (each represents a POJO). I wrote mapping files for each class and then use Hibernate's SchemaExport to generate the tables in my database. Now I want to create 2 additional tables for each existing table that was created: User permission table - stores user permissions on the POJO specific to ea...
I always wonder what are the exact access rights and permissions I need to give to a sql login which I use from my asp.net application to access database. The application execute some stored procedures which insert, update and delete data into tables. I do select, delete, update directly on the tables also. Also there are some triggers. ...
What's the best practice to store database credentials in a CMS? Now i declare them in my Database singleton class: $this->credentials = array("hostname"=>"hostname", "username"=>"username","password"=>"password", "database"=>"database"); But it's not so intuitive to search where to change them and also i'm planning to makre inmstall f...
Hello everyone. I have one user in my database, and I want to grant to him permission to read only one view, nothing more, no tables, nothing. How can I do this? Thanks a lot. P.S.: I am using MS SQL Server 2005 ...
Hi All, I'm looking for a good way to maintain permissions on who can add data to a database in a C# app and SQL Server 2005. I need to explain though to make this clear. So let's take an example of this: I have two users Bob and Jim, both have been added to the SQL permissions so they have write access to the database. Now all access...
for security reason, what is the minimum access level the asp.net membership user could have? ...
Many of my employers applications share a similar internal permission structure for restricting data to a specific set of users or groups. Groups can also be nested. The problem we're currently facing with this approach is that enumerating the permissions is incredibly slow. The current method uses a stored procedure with many cursors a...
After this comment to a my question, im thinking if is better using 1 database with X schemas or viceversa. My situation: im developing a web-app where, when people do register, i create (actually) a database (no, its not a social network: everyone must have access to his own data and never see the data of the other user). Thats the wa...
I need to find out which schemata have already been granted execute permission on a certain object in an Oracle 10g db (in this case, a package). What's the simplest way for me to do this? Is there a built-in function to provide this information? ...
My ASP.NET v3.5 web application is throwing the following exception when it attempts to open a connection to a SQL Server 2008 database: System.Data.SqlClient.SqlException: Cannot open database "MyDbName" requested by the login. The login failed. Login failed for user 'NT AUTHORITY\IUSR'. The thing is, I've added NT AUTHOR...
I Just need to create table from a user to any user under the same DB. letz consider 3 Schemas. Schema_1,Schema_2 and Schema_3. schema 1 had DBA Privilege. Is it possible to table in SChema_2 or Schema_3 from Schema_1???? or we need to give this role "CREATE ANY TABLE" also ?? ...
I'm trying to host an asp.net website using iis 5.1 on my computer using xp pro. I'm using windows authentication in iis. Folder permissions for the site are set to allow authenticated users. Impersenation has been set to true in the web.config file. The website uses a local database which works just fine when accessed through VWD expr...
I am using LinqToSQL and a trusted connection to handle database selects/updates/inserts/deletes. In the past I have always used stored procedures and only granted execute permission to the Application Pool identity for the particular sproc in the database. This is my first LinqToSql project (and I really love how much it helps). I wo...