preventing direct access to database

B

bill

I am using vb.net and SQL Server 2000. Hopefully i will soon be using
VB.net 2005.

I would like to prevent users from having direct access to a SQL Server
database, and require them to access the database through an application.

Application roles seem like a good solution, but I read that I shouldn't use
connection pooling with application roles.

I don't think I want to sacrifice connection pooling, but I need to secure
the database.

What is the best way to accomplish this?

Thanks
Bill
 
A

andy

One technique often used with windows security is to not allow users
any rights at all on tables or views but instead limit them completely
to stored procedures. The idea is that business rules etc are enforced
by these stored procedures.

You could alternatively use SQL server security and have a log in and
password hard coded into your application. This is not usually
considered best practice AFAIK.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Connection Pooling in .NET 1
SQL Server database open in another program 0
SQLConnection questions 5
Programmatically convert Access mdb to SQL 2005 Database 6
Conneciton pooling ? URGENT HELP !!! 1
Vb.net Ms Access Database 2007 Reusable Procedures/queries/functions 5
installing SQL 2008 express and database with my vb app 2
Timeout expired. The timeout period elapsed prior to completion ofthe operation or the server is no 12

Top