Appl login and password


DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Results 1 to 5 of 5

Thread: Appl login and password

Hybrid View

  1. #1
    steven Guest

    Appl login and password


    Hi,

    Wonder if anyone can help? Currently users are accessing via an application
    using the appl ID and Password to connect to the SQL database. The SQL Server
    is deployed using standard security. The appl ID and pw is stored encrypted
    in an INI file and the appl decypts it and send the ID and Password in clear
    to connect to the SQL server.

    Is there any way to store this appl ID and Password encrypted in the database
    and still allow the application to connect to the SQL Server?

  2. #2
    DaveSatz Guest

    Re: Appl login and password

    There are lots of ways, but it depends on your f/e.
    If it is VB, you can connect to a COM component running under MTS/COM+ that
    use a common connect string to connect to the database. The COM component
    coudl return the id and password.
    You could store id and password in the registry which would be slightly
    harder to find that an INI file.
    You could store the ID in the registry and create a SQL server password for
    the user that is an encrypted version of the ID (so that you just encrypt
    the id to get the password). You must then have your own way of verify the
    password that the user types in.

    But the easist solution, is to use integrated security; and then the user
    will not have to login into your domain and the appl.

    --
    Thanks,
    David Satz
    Principal Software Engineer
    Hyperion Solutions
    ->Using SQL Server 7.0 SP2/6.5 SP5a/Cold Fusion 4.5.1/ADO 2.1/VB 6.0/MTS
    (Please reply to group only)
    -----------------------------------------------------------------

    "steven" <steven_tan@yahoo.com.sg> wrote in message
    news:3a382c4c$1@news.devx.com...
    >
    > Hi,
    >
    > Wonder if anyone can help? Currently users are accessing via an

    application
    > using the appl ID and Password to connect to the SQL database. The SQL

    Server
    > is deployed using standard security. The appl ID and pw is stored

    encrypted
    > in an INI file and the appl decypts it and send the ID and Password in

    clear
    > to connect to the SQL server.
    >
    > Is there any way to store this appl ID and Password encrypted in the

    database
    > and still allow the application to connect to the SQL Server?




  3. #3
    D. Patrick Hoerter Guest

    Re: Appl login and password

    Dave,

    I don't believe you read his question. He asked if it was possible to
    store that information _in the database_.

    Since he is already using encryption with an ini file, using the
    connection string in MTS, or using a registry key, are just more of the
    same.

    The answer to his actual question, of course, is 'No'.

    Regards,
    D. Patrick Hoerter

    DaveSatz <davidsatz@yahoo.com> wrote in message
    news:3a38cfd4$1@news.devx.com...
    > There are lots of ways, but it depends on your f/e.
    > If it is VB, you can connect to a COM component running under MTS/COM+

    that
    > use a common connect string to connect to the database. The COM component
    > coudl return the id and password.
    > You could store id and password in the registry which would be slightly
    > harder to find that an INI file.
    > You could store the ID in the registry and create a SQL server password

    for
    > the user that is an encrypted version of the ID (so that you just encrypt
    > the id to get the password). You must then have your own way of verify

    the
    > password that the user types in.
    >
    > But the easist solution, is to use integrated security; and then the user
    > will not have to login into your domain and the appl.
    >
    > --
    > Thanks,
    > David Satz
    > Principal Software Engineer
    > Hyperion Solutions
    > ->Using SQL Server 7.0 SP2/6.5 SP5a/Cold Fusion 4.5.1/ADO 2.1/VB 6.0/MTS
    > (Please reply to group only)
    > -----------------------------------------------------------------
    >
    > "steven" <steven_tan@yahoo.com.sg> wrote in message
    > news:3a382c4c$1@news.devx.com...
    > >
    > > Hi,
    > >
    > > Wonder if anyone can help? Currently users are accessing via an

    > application
    > > using the appl ID and Password to connect to the SQL database. The SQL

    > Server
    > > is deployed using standard security. The appl ID and pw is stored

    > encrypted
    > > in an INI file and the appl decypts it and send the ID and Password in

    > clear
    > > to connect to the SQL server.
    > >
    > > Is there any way to store this appl ID and Password encrypted in the

    > database
    > > and still allow the application to connect to the SQL Server?

    >
    >




  4. #4
    DaveSatz Guest

    Re: Appl login and password

    I did read the question, but was proposing several solutions, including one
    that stores the password at least in the db:
    "You could store the ID in the registry and create a SQL server password for
    the user that is an encrypted version of the ID (so that you just encrypt
    the id to get the password). You must then have your own way of verify the
    password that the user types in."

    "D. Patrick Hoerter" <phoerter@NO_SPAMMERS_bellatlantic.NET_net> wrote in
    message news:3a3aee4a@news.devx.com...
    > Dave,
    >
    > I don't believe you read his question. He asked if it was possible to
    > store that information _in the database_.
    >
    > Since he is already using encryption with an ini file, using the
    > connection string in MTS, or using a registry key, are just more of the
    > same.
    >
    > The answer to his actual question, of course, is 'No'.
    >
    > Regards,
    > D. Patrick Hoerter
    >
    > DaveSatz <davidsatz@yahoo.com> wrote in message
    > news:3a38cfd4$1@news.devx.com...
    > > There are lots of ways, but it depends on your f/e.
    > > If it is VB, you can connect to a COM component running under MTS/COM+

    > that
    > > use a common connect string to connect to the database. The COM

    component
    > > coudl return the id and password.
    > > You could store id and password in the registry which would be slightly
    > > harder to find that an INI file.
    > > You could store the ID in the registry and create a SQL server password

    > for
    > > the user that is an encrypted version of the ID (so that you just

    encrypt
    > > the id to get the password). You must then have your own way of verify

    > the
    > > password that the user types in.
    > >
    > > But the easist solution, is to use integrated security; and then the

    user
    > > will not have to login into your domain and the appl.
    > >
    > > --
    > > Thanks,
    > > David Satz
    > > Principal Software Engineer
    > > Hyperion Solutions
    > > ->Using SQL Server 7.0 SP2/6.5 SP5a/Cold Fusion 4.5.1/ADO 2.1/VB 6.0/MTS
    > > (Please reply to group only)
    > > -----------------------------------------------------------------
    > >
    > > "steven" <steven_tan@yahoo.com.sg> wrote in message
    > > news:3a382c4c$1@news.devx.com...
    > > >
    > > > Hi,
    > > >
    > > > Wonder if anyone can help? Currently users are accessing via an

    > > application
    > > > using the appl ID and Password to connect to the SQL database. The SQL

    > > Server
    > > > is deployed using standard security. The appl ID and pw is stored

    > > encrypted
    > > > in an INI file and the appl decypts it and send the ID and Password in

    > > clear
    > > > to connect to the SQL server.
    > > >
    > > > Is there any way to store this appl ID and Password encrypted in the

    > > database
    > > > and still allow the application to connect to the SQL Server?

    > >
    > >

    >
    >




  5. #5
    steven Guest

    Re: Appl login and password


    Many Thanks for both the helpful replies. Happy New Year.



    "DaveSatz" <davidsatz@yahoo.com> wrote:
    >I did read the question, but was proposing several solutions, including

    one
    >that stores the password at least in the db:
    >"You could store the ID in the registry and create a SQL server password

    for
    >the user that is an encrypted version of the ID (so that you just encrypt
    >the id to get the password). You must then have your own way of verify

    the
    >password that the user types in."
    >
    >"D. Patrick Hoerter" <phoerter@NO_SPAMMERS_bellatlantic.NET_net> wrote in
    >message news:3a3aee4a@news.devx.com...
    >> Dave,
    >>
    >> I don't believe you read his question. He asked if it was possible

    to
    >> store that information _in the database_.
    >>
    >> Since he is already using encryption with an ini file, using the
    >> connection string in MTS, or using a registry key, are just more of the
    >> same.
    >>
    >> The answer to his actual question, of course, is 'No'.
    >>
    >> Regards,
    >> D. Patrick Hoerter
    >>
    >> DaveSatz <davidsatz@yahoo.com> wrote in message
    >> news:3a38cfd4$1@news.devx.com...
    >> > There are lots of ways, but it depends on your f/e.
    >> > If it is VB, you can connect to a COM component running under MTS/COM+

    >> that
    >> > use a common connect string to connect to the database. The COM

    >component
    >> > coudl return the id and password.
    >> > You could store id and password in the registry which would be slightly
    >> > harder to find that an INI file.
    >> > You could store the ID in the registry and create a SQL server password

    >> for
    >> > the user that is an encrypted version of the ID (so that you just

    >encrypt
    >> > the id to get the password). You must then have your own way of verify

    >> the
    >> > password that the user types in.
    >> >
    >> > But the easist solution, is to use integrated security; and then the

    >user
    >> > will not have to login into your domain and the appl.
    >> >
    >> > --
    >> > Thanks,
    >> > David Satz
    >> > Principal Software Engineer
    >> > Hyperion Solutions
    >> > ->Using SQL Server 7.0 SP2/6.5 SP5a/Cold Fusion 4.5.1/ADO 2.1/VB 6.0/MTS
    >> > (Please reply to group only)
    >> > -----------------------------------------------------------------
    >> >
    >> > "steven" <steven_tan@yahoo.com.sg> wrote in message
    >> > news:3a382c4c$1@news.devx.com...
    >> > >
    >> > > Hi,
    >> > >
    >> > > Wonder if anyone can help? Currently users are accessing via an
    >> > application
    >> > > using the appl ID and Password to connect to the SQL database. The

    SQL
    >> > Server
    >> > > is deployed using standard security. The appl ID and pw is stored
    >> > encrypted
    >> > > in an INI file and the appl decypts it and send the ID and Password

    in
    >> > clear
    >> > > to connect to the SQL server.
    >> > >
    >> > > Is there any way to store this appl ID and Password encrypted in the
    >> > database
    >> > > and still allow the application to connect to the SQL Server?
    >> >
    >> >

    >>
    >>

    >
    >



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center