|
DB having own security using user tables |
Post Reply 
|
| Author |
 Share Topic Printable Version Delicious Digg Facebook Furl Google Boomarks Google Buzz MySpace Newsvine reddit StumbleUpon Translate Twitter Windows Live Yahoo Bookmarks Topic Search  Topic Options
|
Stecy 
Newbie 
Joined: 11-May-2011 Posts: 2 |
 Post Options
 Quote Reply
 Topic: DB having own security using user tablesPosted: 11-May-2011 at 12:05pm |
|
Hi,
We have a SQL database where an application always log using the same credentials regardless of the user using it. However, the application must open a user session and it is implemented by using a user table in the database. Furthermore, some tables, views, sprocs are protected using this mechanism by using a SQLServer CONTEXT_INFO set by the application. This context info contains a session id and the sproc executes only if the CONTEXT_INFO contains this session id and the session allows execution for the user (derived from the session id and user table). Does DevForce support this scenario? |
|
 |
|
|
DenisK
IdeaBlade 
Joined: 25-Aug-2010 Posts: 715 |
Post Options
Quote Reply
Posted: 12-May-2011 at 2:16pm |
|
Hi Stecy;
The answer is yes and no. No, because we are not certain of the lifetime of the CONTEXT_INFO. We open/close the DB connection as needed and don't expose it at the application level. Thus, each connection issued to the db may results in a different session. The answer is yes, if you can move away from using CONTEXT_INFO. DevForce uses role-based security within the application level, not the database, based on the principal. We have what we called Query Interceptor and Query Filters that supports this same concept, but on an application level instead of the database level. Hope this helps. |
|
|
|
|
DenisK
IdeaBlade
Joined: 25-Aug-2010 Posts: 715 |
Post Options
Quote Reply
Posted: 12-May-2011 at 4:17pm |
|
Here is a page on our DRC (DevForce Resource Center) that explains how Query Interceptor and Query Filters work.
|
|
|
|
|
Stecy
Newbie
Joined: 11-May-2011 Posts: 2 |
Post Options
Quote Reply
Posted: 13-May-2011 at 10:21am |
|
Thank you for the answer.
Sadly, the system we have cannot be changed and the method of authenticating users is what I described. Since there's no way to accomodate this then I fear DevForce would not be a perfect fit in our case. I really hope there is a way though... |
|
|
|
|
Post Reply
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |