sql server programming: Why we use application role? -- sql server programming

Re: Why we use application role?

Sue Hoegemeier
11/4/2003 8:15:48 AM

sql server programming:

Just to add a bit, if the app uses Windows authentication
then the users can log into SQL Server using tools other
than the application and execute things such as
select *
from MyOneBillionRowTable

-Sue

On Tue, 4 Nov 2003 22:25:18 +0800, "Krygim"
[quoted text, click to view]

Re: Why we use application role?

Tibor Karaszi
11/4/2003 3:03:37 PM

If you have a SQL Server login for the application (i.e., all users login
using the same SQL Server login), then you don't gain anything using
application roles. The purpose of application roles is to let each user have
individual SQL Server logins (so you can differentiate them in SQL Server)
but still don't grant that login dangerous permissions in the database.

--
Tibor Karaszi

[quoted text, click to view]

Why we use application role?

Krygim
11/4/2003 10:25:18 PM

I create an "application user account" for my application to connects to a
database. Security settings are controlled by right settings of this
application user account. No other user (except my application) will use
this account. I don't see any need to create an application role. Can
anybody tell me why we need to create an application role for an applicaton?

TIA

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages in the sql server programming group.