SQL Server Forum / General / Security / September 2006


authentication Mode

JB - 22 Sep 2006 18:17 GMT
I am developing a client/server application using SQL Server as the back end.
This app must allow for two login scenarios other than the usual one
user/one workstation.  First, the app must allow users to log in from any
machine on the network even when using a machine running under a different
user's login.  Second, the app must be available to someone that does not have
a Windows login, e.g. a field worker that needs to access the app occasionally
using a machine running under a different user's login.  For these reasons, I
have been using mixed mode authentication which does the job.  Since all the
documentation seems to recommend Windows authentication mode and mixed mode
is for backward compatibility, am I missing something here?  Can I handle the
two scenarios, particularly the second using Windows Authentication?

JB
Arnie Rowland - 22 Sep 2006 18:34 GMT
Consider using an Application Role rather than user level security.

Look in Books Online for "Establishing Application Security and Application
Roles".

Arnie Rowland, Ph.D.
Westwood Consulting, Inc

Most good judgment comes from experience.
Most experience comes from bad judgment.
- Anonymous

>I am developing a client/server application using sql server as the back
>end.
[quoted text clipped - 16 lines]
>
> JB
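
The application-role approach suggested in the reply above, sketched in T-SQL as an added example that is not part of the original thread. The database, role and table names and the password placeholder are hypothetical. An application role is activated only after a connection is open, so each user still needs some login (Windows or SQL Server) that can connect to the database.

```sql
-- Added illustration; FieldOpsDB, FieldApp and dbo.WorkOrders are hypothetical names.
USE FieldOpsDB;
GO

-- One-time setup by a database administrator.
-- An application role has no members; the application activates it by password.
CREATE APPLICATION ROLE FieldApp
    WITH PASSWORD = '<strong-password-placeholder>',
         DEFAULT_SCHEMA = dbo;
GO

-- Permissions go to the role, not to the individual users of the app.
GRANT SELECT, INSERT, UPDATE ON dbo.WorkOrders TO FieldApp;
GO

-- Run by the application immediately after it opens its connection.
-- The connecting login needs access to the database but no table permissions.
DECLARE @cookie varbinary(8000);

EXEC sys.sp_setapprole
     @rolename      = N'FieldApp',
     @password      = N'<strong-password-placeholder>',
     @fCreateCookie = true,
     @cookie        = @cookie OUTPUT;

-- Permission checks now run in the application role's context.
SELECT USER_NAME() AS active_principal;
SELECT COUNT(*) AS open_orders FROM dbo.WorkOrders;

-- Revert to the original login context, for example before the
-- connection goes back to a connection pool.
EXEC sys.sp_unsetapprole @cookie;
GO
```

The role password has to be available to the client application, so how it is stored and distributed there determines how much protection the role actually gives.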
Sue Hoegemeier - 25 Sep 2006 01:57 GMT
That's hard to say as this line doesn't make sense:
"Second, the app must be available to someone that does not
have a Windows login, e.g. a field worker that needs to
access the app occasionally using a machine running under
a different user's login"

So what login is the "different user's login" - but the user
doesn't have a login?
It really depends on what login is being used, if the field
worker is accessing a machine in a domain, if it's multiple
domains, depends on trusts that may or may not be set up,
etc.
In terms of the other issue, machines and logins are two
different things. If I have my Windows login set up for
access to a SQL Server box in my domain, it doesn't matter
what machine I use. If I log in to the network, that's the
credentials that are used no matter what machine I may be
logged into.
If users are logging into the domain with all different
logins, accessing network resources with various logins then
you have a security mess at the network level which will
lead to security messes in SQL Server as well when
implementing Windows authentication.

-Sue

>I am developing a client/server application using sql server as the back end.
> This app must allow for two login scenarios other than the usual one
[quoted text clipped - 9 lines]
>
>JB
 