I have a web based application that could have many clients/users.
Should I create a user account for each client browsing the web site.
They can only access certain data after they have been verified from a
user table. They use a common database login to access the data. This
is planned to be a public free site. So hopefully the client count
will be high.create login that the application uses to get to the DB... instead of
creating a login for each user.|||Ok thats they wey I'm approaching it now.|||Are you using an ODBC or DSN less, either way assuming the users should
have the same permissions then 1 user is created in the db with a certain
level of permissions. You may also have an admin section , therfore the
admin user may have a different set of permissions
Jack Vamvas
___________________________________
Receive free SQL tips - www.ciquery.com/sqlserver.htm
"nathan001" <nathan@.thelosthorizon.com> wrote in message
news:1143477924.849156.7120@.z34g2000cwc.googlegroups.com...
> Ok thats they wey I'm approaching it now.
>|||From what you describe, it sounds like you need ASP.NET Forms
Authentication. At a minimum, you will need to implement a table with one
row for each subscriber.
ASP.NET Forms Authentication Overview
http://msdn2.microsoft.com/en-us/library/7t6b43z4.aspx
As for database (server) logins, you will need to implement one login for
each type of user (admin, subscriber, guest, etc.) and then use SQL Server
role based permissions to restrict each user's access to specific database
objects.
SQL Server 2000 Administrator's Pocket Consultant - Chapter 5: SQL Server
2000 Security
http://www.microsoft.com/technet/pr...s/c05ppcsq.mspx
SQL Server 2000 Operations Guide: Security Administration
http://www.microsoft.com/technet/pr...in/sqlops3.mspx
SQL Server 2000 Resource Kit - Chapter 10: Implementing Security
http://www.microsoft.com/technet/pr...fr=true
If this database is hosted by a 3rd party internet service provider, then
you will need to coordinate with the server administrator to setup the
logins and permissions, becuase these configurations require server admin
rights. If your ISP provides this functionality through their website
management tool, then that's great, but that would be exceptional.
"nathan001" <nathan@.thelosthorizon.com> wrote in message
news:1143473709.083112.37370@.i40g2000cwc.googlegroups.com...
>I have a web based application that could have many clients/users.
> Should I create a user account for each client browsing the web site.
> They can only access certain data after they have been verified from a
> user table. They use a common database login to access the data. This
> is planned to be a public free site. So hopefully the client count
> will be high.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment