On Sun, Jan 23, 2011 at 6:40 PM, Greg Keogh <g...@mira.net> wrote: > > [...] > > Rather than futz around for hours on this and start altering permissions on > procs, I was wondering what others have done in similar situations. Does > anyone else have nice tricks for making connections with more sensible > permissions?
It's my understanding you can also do sort of "elaborate" things with Schema setups: <http://msdn.microsoft.com/en-us/library/ms190387.aspx> I've not looked into it in great detail. As usual with this sort of stuff, it's appropriate to consider who you are protecting against. It may be appropriate to have the "typical" website operate in a read-only way, with certain components available only for write. Of course, you'd still store this information in the web.config. So, you can encrypt them: <http://msdn.microsoft.com/en-us/library/dx0f3cf2%28VS.80%29.aspx> It's always been my dream to have an app that was a sort of "authentication-provider", that your website queries each time it needs access. In that way, there would be nothing stored in the web.config per se; just the query interface. And that app itself could determine (based on being told) what user to return. There's lots of interesting things to do here; I too am interested to see if anyone is actually doing them. > Cheers, > > Greg -- Noon Silk http://dnoondt.wordpress.com/ (Noon Silk) | http://www.mirios.com.au:8081 > "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."