I am using mixed mode for SQL Server. Most of our users will use mixed mode so I created one account for all users. I connect to the server but I always connect and disconnect the record set in other words there are no record set connection left open duration of the program.
I have a table that consists of users and each user has different rights to different parts of the program. i.e. one user may not have the rights to use accounting section of the program. When they launch the program, it asks the user for user name and password but that is just to authenticate the user and to setup the application layout. When the user connects to the database, it uses a different user name and password to authenticate the sql server account.
SQL Server Authentication
User id: General_user
Lists of all users with password and varies fields that have the users’ rights value.
Is this a typical practice or what?