Security

Technical Article

Database Activity Monitoring Part 2 - SQL Injection Attacks

  • Article

If you think through the web sites you visit on a daily basis the chances are that you will need to login to verify who you are. In most cases your username would be stored in a relational database along with all the other registered users on that web site. Hopefully your password will be encrypted and not stored in plain text.

2010-03-10

3,893 reads

External Article

Using a Parent Child Hierarchy in SQL Server to Implement a Custom Security Scheme

  • Article

I have a requirement to implement a custom security scheme where roles and the user's place in the organization hierarchy are used to determine which customers a user can access. In particular the requirements are that a sales person can only access their customers and any other role can access any customer in their level of the organization hierarchy and below. We have a simple hierarchy that is made up of regions and offices. Can you provide us with an example of how to do this?

2010-03-01

3,410 reads

External Article

SQL Server Impersonation

  • Article

SQL Server impersonation, or context switching, is a means to allow the executing user to assume the permissions of a given user or login until the context is set back, set to yet another user, or the session is ended. Deanna Dicken shows you two mechanisms for accomplishing this task and walks through some examples.

2010-02-25

2,388 reads

SQLServerCentral Article

Using a Certificate Signed Stored Procedure to Execute sp_send_dbmail

  • Article

Learn how to create a certificate signed stored procedure to solve common permissions problems using sp_send_dbmail. MVP Jonathan Kehayias brings us a short tutorial that discusses your options and code to show you how to implement certificate security.

(36)

You rated this post out of 5. Change rating

2009-12-17

10,576 reads

External Article

SQL Server Security Audit Report

  • Article

If your company needs to go through a SOX (Sarbanes–Oxley) audit or any security audit, the DBA has to provide security information to them. If you have purchased third party tools to provide this information that is great. If you don't have third party tools and need to go through many servers to provide this information it can be a hassle and very time consuming. So I put together a script to generate a report that I could just review. The script generates a report of all elevated level accounts and any possible security holes.

2009-11-20

3,602 reads

Blogs

Automatic Index Compaction

By

Index maintenance has always meant nightly jobs and a window you have to defend....

The Goldilocks problem – Materialized Views

By

I’m sure you’ve all heard the tale of Goldilocks and the Three Bears, but...

Monday Monitor Tips: Virtual Machine Usage and Cost

By

One of the things I’ve been requesting for a number of years is cost...

Read the latest Blogs

Forums

SQL Art, Part 4: Happy 4th of July — A British DBA's Guide to Celebrating a War We Don't Talk About

By Terry Jago

Comments posted to this topic are about the item SQL Art, Part 4: Happy...

How We Handled a Vendor Retry That Loaded Twice in Snowflake

By Chandan Shukla

Comments posted to this topic are about the item How We Handled a Vendor...

Cognitive Coverage

By Steve Jones - SSC Editor

Comments posted to this topic are about the item Cognitive Coverage

Visit the forum

Question of the Day

Getting the Average

I have this data in the dbo.Commission table in a SQL Server 2022 database.

salesperson commission
Brian       12
Brian       16
Andy        7
Andy        14
Andy        21
Steve       20
Steve       NULL
All the data is a varchar, and I decide to run this query to get the totals for each salesperson.
SELECT SalesPerson
     , AVG(TRY_PARSE(Commission AS int)) AS TotalCommission
 FROM commission
 GROUP BY SalesPerson
GO
What average commission is calculated for Steve?

See possible answers