December 22, 2013 at 12:59 am
I have a database which is used for a web application(not website).
For each web application user, Is it advisable to create separate db user?
Now I have a single db user to access from the web application. My objective is to have an audit trail for any update or delete. If I am using AFTER DELETE Trigger, I am not able to identify the exact user who is deleting the record.
Please advise me the right way to go ahead.
Thank you in advance.
December 22, 2013 at 3:12 pm
nainamohamedy (12/22/2013)
I have a database which is used for a web application(not website).For each web application user, Is it advisable to create separate db user?
Now I have a single db user to access from the web application. My objective is to have an audit trail for any update or delete. If I am using AFTER DELETE Trigger, I am not able to identify the exact user who is deleting the record.
Please advise me the right way to go ahead.
Thank you in advance.
To be clear, I haven't been a "front end" Developer since 2002 so someone else will be able to provide a much better answer. I don't know the methodology of how to do it in managed code but, somehow, you need to pass the credentials of the person using the web application to the database in order to do what you want it to do. It may be that you need to pass the user credentials as a parameter with every thing you do against the database, but I can't imagine needing to do such a thing.
And, no... you shouldn't have to create a separate user in the DB for each user. It would, however, be advisable to create an Active Directory group in windows and make each authorized user a member of that group, setup the database for "Windows Authentication", and then make a windows login for that group.
--Jeff Moden
Change is inevitable... Change for the better is not.
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply