Restricting Access to DB on same server

Hi

I want to be able to offer limited access to a DB to clients that are hosted on my server (only select clients NOT all).

I was thinking of offering them a set of functions, like an API, that they could utilize and use the recordset that is returned in the normal way. I could probably have a set of domain names that had access along with the server IP and verify that the call was coming from the correct domain name on the local server.

What do you think? Any better suggestions? Would the domain and IP of server be enough security?

I want to be able to offer the service without basically opening myself up to having it stolent by everybody.

All helpful suggestions or advice appreciate.
lux_interiorAsked:
Who is Participating?
 
Eduard GherguConnect With a Mentor Leader SibiuCommented:
Usually, the way in that clients has access to a database is thru some accounts. So, I see no reason to restrict access using operating system security policies. You have to create your own database security policy with user groups and accounts. After that, you have to create a login page. After authentication, you have to store in a session variable or in a cookie (basically is the same thing, but the way of implementing is different) some access rights information. You can, afterwards, check the rights when then user ask for a page and provide or not access to some fields or whatever...
I hope that this is the answer to your question.
0
 
nayernaguibCommented:
You can deny all permissions to all users and/or user groups, and then grant permissions individually to users and/or groups (assuming that you have some way to authenticate users, such as username and password).

Take a look at this:

http://www.mssqlcity.com/Articles/Adm/manage_users_permissions.htm

________________

  Nayer Naguib
0
 
Eduard GherguLeader SibiuCommented:
What DB server do you have ?
0
 
lux_interiorAuthor Commented:
mysql. Too be honest I think a php solution offering an API is the best way to go. That way they never need to have access to the database.

Perhaps this should be moved to another section of EE?

Thanks

Lux
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.