 |
|
|
|
Next: Diffence between Quantified Predicates: IN , ANY,..
|
| Author |
Message |
External
Since: Feb 07, 2005
Posts: 5
|
(Msg. 1) Posted: Wed Feb 09, 2005 12:40 am
Post subject: Do I need two login ID's?
Archived from groups: microsoft>public>sqlserver>connect (more info?)
|
|
|
In installed SQL Server under my Win2003 Server userID, specifying NT
authentication. Then I down loaded MS JDBC, which requires Mixed mode
authentication, so I modifyed SQL Server to that. Now in Query analyzer, I
can log in to the db using windows authentication, but my user ID and
password don't work under SQL Server authentication. I need a login ID that
works under SQL Server authentication so I can login via JDBC. Do I need to
establish another ID for this? Can it be the same as the windows ID?
Thanks
Jim |
|
| Back to top |
|
 | |
External
Since: Feb 08, 2005
Posts: 1
|
(Msg. 2) Posted: Wed Feb 09, 2005 12:40 am
Post subject: Re: Do I need two login ID's? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
Jim Shaw wrote:
> In installed SQL Server under my Win2003 Server userID, specifying NT
> authentication. Then I down loaded MS JDBC, which requires Mixed
mode
> authentication, so I modifyed SQL Server to that. Now in Query
analyzer, I
> can log in to the db using windows authentication, but my user ID and
> password don't work under SQL Server authentication. I need a login
ID that
> works under SQL Server authentication so I can login via JDBC. Do I
need to
> establish another ID for this? Can it be the same as the windows ID?
The administrator user name is 'sa' and the default password is blank.
You can use that for SQL authentication. Or you can log in using
Windows authentication with jTDS or one of the commercial drivers.
Alin,
The jTDS Project. |
|
| Back to top |
|
| |
External
Since: Aug 26, 2003
Posts: 362
|
(Msg. 3) Posted: Wed Feb 09, 2005 8:36 pm
Post subject: Re: Do I need two login ID's? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
You can (should) create a new SQL login to be used for JDBC.
Make sure that the sa login has a strong password
(alphanumeric, special characters, no known words) and then
hide that one away somewhere. Then create a new SQL login
that you can use for your SQL login connections. You don't
want to use the sa login for applications or daily use due
to security risks. Give the new SQL login just the
permissions it needs for the application.
-Sue
On Tue, 8 Feb 2005 23:55:35 -0500, "Jim Shaw"
wrote:
>In installed SQL Server under my Win2003 Server userID, specifying NT
>authentication. Then I down loaded MS JDBC, which requires Mixed mode
>authentication, so I modifyed SQL Server to that. Now in Query analyzer, I
>can log in to the db using windows authentication, but my user ID and
>password don't work under SQL Server authentication. I need a login ID that
>works under SQL Server authentication so I can login via JDBC. Do I need to
>establish another ID for this? Can it be the same as the windows ID?
>
>Thanks
>Jim
> >> Stay informed about: Do I need two login ID's? |
|
| Back to top |
|
| |
External
Since: Feb 07, 2005
Posts: 5
|
(Msg. 4) Posted: Thu Feb 10, 2005 12:32 pm
Post subject: Re: Do I need two login ID's? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
Thanks Sue;
A good answer to my question. It will work for applications having only one
common role for all users.
Now I'm wondering what the best practice is for multiple roles at the
application level of abstraction, e.g., A Compensation System having roles
of HR Clerk, Employee supervisor, Paymaster, Employee, etc.
1. I can do an application level login and manage the roles at the
application level; or,
2. Pass the authentication data in the application's connect to SQL Server
and manage the roles in the database; or,
3. Have multiple sub-applications, each with its own authentication, one for
each application defined role.
Any thoughts on this? I think I like #3 best. Makes development easier I
think. Maybe a combination of #2 & #3 ?
Thanks
Jim
"Sue Hoegemeier" wrote in message
> You can (should) create a new SQL login to be used for JDBC.
> Make sure that the sa login has a strong password
> (alphanumeric, special characters, no known words) and then
> hide that one away somewhere. Then create a new SQL login
> that you can use for your SQL login connections. You don't
> want to use the sa login for applications or daily use due
> to security risks. Give the new SQL login just the
> permissions it needs for the application.
>
> -Sue
>
> On Tue, 8 Feb 2005 23:55:35 -0500, "Jim Shaw"
>
> >In installed SQL Server under my Win2003 Server userID, specifying NT
> >authentication. Then I down loaded MS JDBC, which requires Mixed mode
> >authentication, so I modifyed SQL Server to that. Now in Query analyzer,
I
> >can log in to the db using windows authentication, but my user ID and
> >password don't work under SQL Server authentication. I need a login ID
that
> >works under SQL Server authentication so I can login via JDBC. Do I need
to
> >establish another ID for this? Can it be the same as the windows ID?
> >
> >Thanks
> >Jim
> >
> >> Stay informed about: Do I need two login ID's? |
|
| Back to top |
|
| |
External
Since: Aug 26, 2003
Posts: 362
|
(Msg. 5) Posted: Mon Feb 14, 2005 9:02 am
Post subject: Re: Do I need two login ID's? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
Not really. I just don't know enough specifics about your
application or security needs to say. At a high level, I'd
tend to go with first whatever provides the best security.
Next I'd go with ease of maintenance. I'd probably consider
ease of programming last. Years ago, programming everything
using the sa login and a blank password was the easiest for
development and used quite often. That certainly didn't work
out well. With business needs changing and issues such as
sarbanes oxley, I'd go more with whatever serves those areas
best.
-Sue
On Thu, 10 Feb 2005 11:32:04 -0500, "Jim Shaw"
wrote:
>Thanks Sue;
>A good answer to my question. It will work for applications having only one
>common role for all users.
>
>Now I'm wondering what the best practice is for multiple roles at the
>application level of abstraction, e.g., A Compensation System having roles
>of HR Clerk, Employee supervisor, Paymaster, Employee, etc.
>
>1. I can do an application level login and manage the roles at the
>application level; or,
>2. Pass the authentication data in the application's connect to SQL Server
>and manage the roles in the database; or,
>3. Have multiple sub-applications, each with its own authentication, one for
>each application defined role.
>
>Any thoughts on this? I think I like #3 best. Makes development easier I
>think. Maybe a combination of #2 & #3 ?
>
>Thanks
>Jim
>
>> You can (should) create a new SQL login to be used for JDBC.
>> Make sure that the sa login has a strong password
>> (alphanumeric, special characters, no known words) and then
>> hide that one away somewhere. Then create a new SQL login
>> that you can use for your SQL login connections. You don't
>> want to use the sa login for applications or daily use due
>> to security risks. Give the new SQL login just the
>> permissions it needs for the application.
>>
>> -Sue
>>
>> On Tue, 8 Feb 2005 23:55:35 -0500, "Jim Shaw"
>>
>> >In installed SQL Server under my Win2003 Server userID, specifying NT
>> >authentication. Then I down loaded MS JDBC, which requires Mixed mode
>> >authentication, so I modifyed SQL Server to that. Now in Query analyzer,
>I
>> >can log in to the db using windows authentication, but my user ID and
>> >password don't work under SQL Server authentication. I need a login ID
>that
>> >works under SQL Server authentication so I can login via JDBC. Do I need
>to
>> >establish another ID for this? Can it be the same as the windows ID?
>> >
>> >Thanks
>> >Jim
>> >
>>
> >> Stay informed about: Do I need two login ID's? |
|
| Back to top |
|
| |
| Related Topics: | Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. - Users in remote building (On the same VLAN? Not sure of network specifics) can connect to the sql server in the remote building with no issues. In my building (HQ), we were able to connect to it until this morning. Last night the domain controller in the...
Cannot generate SSPI context - Hi All, I am experiencing problems with a remote user (w2k pro,sql 7) attempting to connect and replicate with a Sql Server 7 on NT server. They are receiving 'Cannot generate SSPI context' messages when trying to use a vb app over a vpn. This problem..
connection string does not work for a different server - Hi all, I currently have an ASP .Net project running locally, and accessing a local SQL server 2000 database. The project runs fine since it is able to open the connection to the database, and perform operations on it locally using a connection dtata..
IIS 6 and Windows Authentication to SQL Server 2000 - I am running a Windows Server 2003 machine as my web server. I would like to use Windows authentication for connections to my SQL Server 2000 instance on a Windows 2000 server. I've read where mirroring the ASPNET account and password on the web server...
SSL Security error -ConnectionOpen(SECDoClientHandshake) - Please help. On my default instance of SQL Server 2000, which could be accessed OK with both Windows and SQL server authentication, I now get the error in the subject line above. The message in the error window - in SQL server enterprise manager- suggest... |
|
You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum
|
|
|
|
|
|
|
FAQ
Search
Profile
Private Messages
Log in
