asked on
What form of security can one have for mobile applications?
I am bulding an application for the sales department of a company. Salesmen will run this programm on their laptops while they visit the customer or at their home.
The programm uses MS Access for the database needs.
What i need is some sort of basic security for the data the database is currying. Because of the way the application will be run (mobile - database on the same computer) having a user/pass authentication scheme for accessing the db would be obsolete as one could just open the mdb file and fetch all the data (correct me if im wrong).
I tryed to password protect the access db so it would require the correct password when someone tryes to open it, but while the db was password protected i could not access it through visual basic no matter which way i tryed (!).
Has anyone faced a similar need for security? What was your solution?
The programm uses MS Access for the database needs.
What i need is some sort of basic security for the data the database is currying. Because of the way the application will be run (mobile - database on the same computer) having a user/pass authentication scheme for accessing the db would be obsolete as one could just open the mdb file and fetch all the data (correct me if im wrong).
I tryed to password protect the access db so it would require the correct password when someone tryes to open it, but while the db was password protected i could not access it through visual basic no matter which way i tryed (!).
Has anyone faced a similar need for security? What was your solution?
Visual Basic Classic
Last Comment
IeuanJ
ASKER
i tryed this:
dim db as database
set db = OpenDatabase(fname_master,
"Data Source=" & fname_master & " Jet OLEDB:Database Password=zity")
...where fname_master is a global var that has the full file path to the db, and zity is the password.
Yet i get an error saying that the password is not correct (run time error '3031': Not a valid password) ... The password is correct ofcourse :/
I use ms access 2002 (office XP) and vb 6.0
dim db as database
set db = OpenDatabase(fname_master,
"Data Source=" & fname_master & " Jet OLEDB:Database Password=zity")
...where fname_master is a global var that has the full file path to the db, and zity is the password.
Yet i get an error saying that the password is not correct (run time error '3031': Not a valid password) ... The password is correct ofcourse :/
I use ms access 2002 (office XP) and vb 6.0
Hi again Babbos, this works as far as I can tell, I tested it myself on an access database, this uses the more conventional ADO method rather than opendatabase. The example below shows a quick count of records from a table.
Private Sub Form_Load()
Dim myConn As ADODB.Connection
Dim myRS As ADODB.Recordset
Dim strConn As String
Set myConn = New ADODB.Connection
Set myRS = New ADODB.Recordset
strConn = "Provider=Microsoft.Jet.OL
"Data Source=" & fname_master & ";" & _
"Jet OLEDB:Database Password=zity"
myConn.Open strConn
myRS.Open "select count(*) as COU from testdata", strConn
MsgBox myRS!COU
myRS.close
myConn.close
End Sub
The only other possibility would be an incorrect password (have you checked case etc.) or less likely some sort of file access violation.
Private Sub Form_Load()
Dim myConn As ADODB.Connection
Dim myRS As ADODB.Recordset
Dim strConn As String
Set myConn = New ADODB.Connection
Set myRS = New ADODB.Recordset
strConn = "Provider=Microsoft.Jet.OL
"Data Source=" & fname_master & ";" & _
"Jet OLEDB:Database Password=zity"
myConn.Open strConn
myRS.Open "select count(*) as COU from testdata", strConn
MsgBox myRS!COU
myRS.close
myConn.close
End Sub
The only other possibility would be an incorrect password (have you checked case etc.) or less likely some sort of file access violation.
sorry have noticed a small problem in your code that might actually be what is going wrong.
"Provider=Microsoft.Jet.OL
"Data Source=" & fname_master & " Jet OLEDB:Database Password=zity"
Should be...
"Provider=Microsoft.Jet.OL
"Data Source=" & fname_master & "; Jet OLEDB:Database Password=zity"
Unless fname_master is terminated with a semi-colon already.
The semi-colon is needed to seperate out parameters in the connection string, an error I also made in my first post (sorry), though this should return a diffeent error of could not find database....
"Provider=Microsoft.Jet.OL
"Data Source=" & fname_master & " Jet OLEDB:Database Password=zity"
Should be...
"Provider=Microsoft.Jet.OL
"Data Source=" & fname_master & "; Jet OLEDB:Database Password=zity"
Unless fname_master is terminated with a semi-colon already.
The semi-colon is needed to seperate out parameters in the connection string, an error I also made in my first post (sorry), though this should return a diffeent error of could not find database....
ASKER
i also noticed the missing semi collon and tryed it with it but the error is still the same :/
Does this work for you?
Does this work for you?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
thanks for the tip, i wish i knew that earlier, now i have to convert all my code to use the ADO model
Is it a large conversion ? If not then it's worth it, if it is large enough to cause you a headache then perhaps some other form of password protection would be a better option, either controlled from within the client or a username & password type tabel in the database itself, as you said it wouldnt protect the file but would stop the client being used by unauthorised peoples although permission could be set on the file so only certain NT accounts could access it.
Sorry I couldnt help more with your original question, the only times I have used DAO is via DSN's to large Oracle databases and the authentication was handled via integrated NT logins through the DSN. After that we switched to ADO to standardise.
Sorry I couldnt help more with your original question, the only times I have used DAO is via DSN's to large Oracle databases and the authentication was handled via integrated NT logins through the DSN. After that we switched to ADO to standardise.
ASKER
ADO should be my choise in the first place indeed :/
It wont be a very big headache to convert my code, thanks!!! :)
It wont be a very big headache to convert my code, thanks!!! :)
Your welcome.
conn.Open "Provider=Microsoft.Jet.OL
"Data Source=locationpath\file.m
"Jet OLEDB:Database Password=wally;"