Database Access Restriction for asp.net

Question

Database Access Restriction for asp.net

I have had this question for quite some time ...

I saw a lot of discussion about providing role-based access for databases ... But as for asp.net web applications ... The web application is going to connect to the database in some way with the identifier specified in the connection string, regardless the user connected to the application ... (except for the auth model window) ...

In such a scenario ... There is no need to create an individual user entry into the database and provide him with the necessary roles and access restrictions.

Does this mean that we do not need to worry about restricting user access to the database for asp.net applications, with the exception of the user used in Connection String ... or am I mistaken somewhere.

thanks

+5

database .net sql-server asp.net

The king Feb 08 '10 at 3:48

source share

2 answers

" , asp.net, , "

: ""

: , , " ". URL- : MSDN

+1

Subbu 08 . '10 11:15

Robert Harvey · Accepted Answer · 2010-02-08T03:50:48+0000

There is no need to create individual users in the database and provide them with the required roles and access

Correctly.

Does this mean that we do not need to worry about restricting user access to DB for asp.net applications, except for the user used in the connection string

In essence. But the user may be allowed access only to certain parts of the application ... Administrative rights may not be granted, for example, to all users. Thus, you still need a user security mechanism for an application that grants application rights to specific users.

. - , , . - Active Directory .

Database Access Restriction for asp.net

More articles: