July 2, 2009 at 2:28 pm
Lets start with terms..
SQL Login = account that allows you to access the server, but not really any databases.
Database User = a user account in a database tied to a SQL Login, this provides the linkage between a login and access into a database, you still don't really have access to anything IN the database..
Database Role = a name of similarly related permissions, such as role_Reports, or role_WebApp, database users are given membership to roles.
You can now create objects, tables, views, sprocs, in the database and give the appropriate user appropriate permissions each.
As a strong design goal recommendation, since you are building a web app, DO NOT build the queries in the web page and send them to the database, use stored procedures to perform the logic in the database. The primary reason for this is security, also there is then no reason to give the webapp user access to the tables, only the sprocs. That way if the login information is ever compromised or your app is hacked you have limited the potential damage..
Clear?
CEWII
July 3, 2009 at 7:23 am
I appreciate the answer it turns out I required my Administrator to set up the login account for the app I didn't have appropriate rights on the server to do myself. I was actually interested in the actual mechanics of how to do it.
Thanks,
Viewing 2 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply