Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Get your favorite SSC scripts directly in SSMS with the free SQL Scripts addin. Search for scripts directly from SSMS, and instantly access any saved scripts in your SSC briefcase from the favorites tab.
Download now (direct download link)

Return User Roles

By Crosbie Christopher,

I too often have seen internal company software with a SQL Server data source which relies on a single user name and password in a connection string. Even though the software itself creates tiered security and roles, if the connection string(or connecting user) is compromised so is all the security assignments set up by the programmers.

My solution to this problem is to use the Windows Authentication model and assign roles to specific users based on what they can and can not do.

I call this stored procedure on the program startup(which does connect using a single SQL authenticated user with Execute permissions on the procedure) to determine which roles the user has.

Using this sproc on the startup gives our programmers the flexablity to taylor the program choices and views to what the user has the ability to do. It also prevents unauthorized access exceptions.

Currently, this procedure is not designed to work with users that actually own a role but it could be modified.

 

 

 

 

Total article views: 1134 | Views in the last 30 days: 1
 
Related Articles
FORUM

Which Stored Procedure changed

Which Stored Procedure changed

FORUM

Call Another stored procedure which returns muliple rows

Call Another stored procedure which returns muliple rows

FORUM

List out all the procedures which uses a particualr table.

List out all the procedures which uses a particualr table.

FORUM

stored procedure which checks the value in another table

stored procedure which checks the value in another table

FORUM

Stored procedure which has problem with the function return value

Stored procedure which has problem with the function return value

 
Contribute