using an SQL Table as the source for sql logins?

Hi all,

Im just wondering if its possible to use an SQL table as the source for SQL logins, basically i want the logged in users credentials to log in as the sql connection string.

ID presume thats how most login sites do it? or do they have a connection string with 1 login? is that secure?

THanks
LVL 1
awilderbeastAsked:
Who is Participating?
 
Julian HansenCommented:
As far as I know standard practice is

App has a login to SQL
Table in database stores app logins.

I don't think one is more secure than the other - I usually store connection strings in a resource that is not browsable (file / registry) so the only way to get it is to get access to the physical server. Or using preferably using Integrated security so only the IIS user account has access.

Creating a new user in SQL for each new login is possible but quite complex compared to adding a row to a table. One could argue it is more secure than the stored user name and password method but it is on a par with Integrated security so I would go with that.

Setup your server with integrated security and manage the logins in a table.
0
 
ProphionCommented:
i cant speak for all software developers but the most of them are using a connection string for login to sql servers and implement the security as a part of their software.
0
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
you can of course create as many sql logins as you want, and use that one for the connection.
otherwise, if you created your own table, you use 1 single sql login for the connection string, and do a "application wise" login (checking the username/password) in your own table.
0
 
awilderbeastAuthor Commented:
thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.