?
Solved

Application Permissions

Posted on 2010-08-31
10
Medium Priority
?
492 Views
Last Modified: 2013-12-17
I have a C# Windows application written to access tables and stored procedures in SQL Server  database. The table permissions (Select, Insert, Update, and Delete) and stored procedure (Execute) permissions for the user when accessing the database through the C# application.

However, if the user accesses the same table another way (like Microsoft Access), the permission for the table is Select only.

I was thinking that I need to accomplish this by setting up:
1) Application Role (in SQL Server) for the C# application table (Select, Insert, Update, and Delete) and stored procedure (Execute) permissions.
2) Database Role for the other ways to access the tables with Select only permissions.

Is setting up Application Role and Database Role accurate? If yes, my C# application uses many datasets throughout the application, how do I use sp_setapprole for the whole application? If no, what are the suggestions?
0
Comment
Question by:LenTompkins
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 16

Expert Comment

by:vdr1620
ID: 33570793
if you are doing for the 1st time then i would suggest using a Wizard instead of executing the proc..here are the steps

In the database -->security --> Roles --> application role ---> new application role --> create a user and password --select the role needed ---> in securables ---Click on search --> specify objects --> Ok ---> object Types --> select the object types and click ok and then using the browse button you can select the stored procedures,tables etc that you want to..

check these links
http://articles.techrepublic.com.com/5100-10878_11-5068954.html
http://www.sqlteam.com/article/using-application-roles

0
 

Author Comment

by:LenTompkins
ID: 33570887
Thanks for the reply, but my question is should I be setting up the Application and Database Roles to do what I need (see above) or can I do it some other way in the database?
0
 
LVL 16

Expert Comment

by:vdr1620
ID: 33571062
No,You will need to set up Roles accordingly
0
Is Your Team Achieving Their Full Potential?

74% of employees feel they are not achieving their full potential. With Linux Academy, not only will you strengthen your team's core competencies but also their knowledge of of the newest IT topics.

With new material every week, we'll make sure that you stay ahead of the game.

 

Author Comment

by:LenTompkins
ID: 33571178
I know how to setup the roles in the database, but I am not sure how to use the application role through the whole C# Windows application without keep executing sp_setapprole for each time I open a database connection and how do I do it for datasets since I don't need to open the database connection?
0
 
LVL 16

Expert Comment

by:vdr1620
ID: 33571317
i am not good with C#..but her's my thought

you do not need to execute the proc every time..once you set up a role with user id and password..Any one who logins with those credentials will have the privileges..i believe you will need to establish a Connection using these credentials
0
 

Author Comment

by:LenTompkins
ID: 33571993
When you say "Any one who loggins with those credentials" do you mean trying to connect using the credentials of the Application Role or the user?
0
 
LVL 16

Accepted Solution

by:
vdr1620 earned 1500 total points
ID: 33577534
yeah, i meant any one trying to connect using the credentials will have those privileges
0
 

Author Comment

by:LenTompkins
ID: 33581672
Through the Windows application, I will try logging in as the user and see if the privileges of the Application Role take effect.
0
 

Author Comment

by:LenTompkins
ID: 33591608
Resolution: Instead of setting up the Application and Database Role, we created a new UserID/Password in the Database Security/Logins with sysadmin privileges and changed the C# application's connection string: removing the Integrated Security=True and setting UserID/Password to the new one created.
0
 

Author Closing Comment

by:LenTompkins
ID: 33591633
Even though we setup the Application Roles, it did not fix the problem, but we do appreciate the assistance.
0

Featured Post

Command Line Tips and Tricks

The command line is a powerful tool at the disposal of every Linux user. Although Linux distros come with beautiful user interfaces, it's worthwhile to learn the command line because it allows you to do a number of things that you otherwise cannot do from the GUI.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Windocks is an independent port of Docker's open source to Windows.   This article introduces the use of SQL Server in containers, with integrated support of SQL Server database cloning.
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question