Loved the article but it does not address an injection string of the type Usename:= "(Select * from Internet.Students)" where the configured user has access to execute against stored proc against the internet.Students table.