homepage Welcome to WebmasterWorld Guest from 50.16.112.199
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

    
Authentication by SQL Server
I just hope this is not off topic but...
raja4

10+ Year Member



 
Msg#: 1117 posted 10:13 pm on Oct 15, 2001 (gmt 0)

Currently on our intranet site, we are being authenticated by Windows NT servers. But we want our users be authenticated by SQL server for
intrant pages access. I would like to capture SQL server user names and store them in our log files whenever an update is done.

Further, I would like to display only those pages\hyperlinks where users have explicit premissions (I mean NOT NT file permissions but SQL). How this can be done. I have seen many web site where you can see some extra important hyperlinks if you pay them for that extra service.
How to do this?

Any link or codes available with someone to help me on this issue please.

Thanks in advance for your help.

 

Xoc

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 1117 posted 4:05 am on Oct 16, 2001 (gmt 0)

You need to use entirely ASP processed pages. At the top of each page, you need to check a session variable. If it is not set, then redirect to a login page, with the url of the page it is coming from in the querystring. In the login page, merely ask for a username and password. Use the username and password to log into SQL Server. If that succeeds, set the session variable, and redirect back to the original page that was set by the query string.

You must have sessions turned on for this to work. Sessions do not make scalable web sites. The user must also have cookies turned on for this to work.

This technique can be broken by someone very technically savvy, but is secure enough for most purposes.

I wrote about how to make ASP scripts work in .htm or .html pages in this thread: [webmasterworld.com...]

JuniorHarris

10+ Year Member



 
Msg#: 1117 posted 1:34 pm on Oct 16, 2001 (gmt 0)

If using Windows NT Challenge/Response you may be able to leverage integrated security within SQL Server. The logins can be matched to NT usernames and groups, which will also help centralize user maintenance.

The physical pages would be protected through file permissions, and any delivery from the database could be governed by their matched SQL Server login. You might check the SQL Server books on line (BOL) for details about column permissions and vertical/horizontal data partitioning.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved