• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 450
  • Last Modified:

Establishing a secure logon to sql server 2008 via TADOConnection in Delphi 2010

I am logging on to a SQL Server 2008 database on a web site using Delphi's a TADOConnection component.  I want to ensure that the password is not passed in plain text.  What properties do I have to set in the TADOConnection component to protect the login?  Does it support SSL?  
0
cerebrumconsulting
Asked:
cerebrumconsulting
  • 3
  • 2
2 Solutions
 
vinsvinCommented:
The article Encrypting Connections to SQL Server, should help you on this. See the link below

http://technet.microsoft.com/en-us/library/ms189067.aspx
0
 
cerebrumconsultingAuthor Commented:
Thanks, but I've already researched the technet articles.  It seems very complicated.  It talks about installing a certificate.  I have no idea how to get a certificate.  Are you saying that the security has nothing to do with the clientside TADOConnection component?  Would any TADOConnection component connect via SSL automatically if the SQL Server were configured as the technet article specifies?  If so, I'll concentrate on the server side.

Perhaps I'm working on an erroneous assumption. I thought it was simply a matter of setting some property on the TADOConnection component.  Is that not the case?

Thanks.
0
 
vinsvinCommented:
This article will tell you how to encrypt the connections coming to SQL Server.

As you are setting up the connection from TADOConnection component to SQL Server, this is the way
0
 
cerebrumconsultingAuthor Commented:
Thanks.  I thought I had to do something on the client-side as well, via the TADOConnection component, but from what you're saying, I understand that the entire responsibility for encrypting the outgoing password so it cannot be captured by a snooper lies with the server-side of the exchange.
0
 
cerebrumconsultingAuthor Commented:
There were two original questions:
What properties do I have to set in the TADOConnection component to protect the login?  and Does it support SSL?

In providing the original solution, if these had been answered directly--even to say that they didn't apply to the solution--it would have removed all my uncertainty and I wouldn't have had to make a second submission.

In the second submission, I asked two additional questions to help me clarify my understanding.  I'm assuming that the answer to both is "Yes" based on the second answer from the responder, but that is an assumption, not a certainty, since he/she never answered them directly.

That is the reason for the grade of "partially".
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now