Sorry wrong group... has been posted to correct group
"Jack" <email@example.com> wrote:
>I'm ramping up on MTS and have some confusion on the use of the security
>Tell me where I go wrong:
>When the client program (object) connects to the MTS object, it is authenticated
>to a role based on the user's NT account (i.e. user name/password). Now
>it is discouraged to use impersonation to authenticate to the third tier
>(i.e database) because of overheard. So how does one ensure that the user's
>role has permission to talk to the third tier? Is it setup simply such
>if the user can access the component, they can use it's functionality or
>can the model be extended such that the DB further authenticates based on
>the role? For example, can the DB be aware of the role also authenticate
>on it's own using the role? For example, if a component has the role "accountant"
>can the DB's security be set to lock out the "accountant" role? I imagine
>the DB cannot be made aware of the role but I would appreciate clarification
>on this point.
>Another way to frame this question is: With impersonation the 2nd tier
>the third tier each authenticate the user. When a role is used, the 2nd
>tier authenticates the user but what happens in the third tier? Does/can
>the third tire authenticate the role?
Top DevX Stories
Easy Web Services with SQL Server 2005 HTTP Endpoints
JavaOne 2005: Java Platform Roadmap Focuses on Ease of Development, Sun Focuses on the "Free" in F.O.S.S.
Wed Yourself to UML with the Power of Associations
Microsoft to Add AJAX Capabilities to ASP.NET
IBM's Cloudscape Versus MySQL