Restricting Sybase access to specific applications?? 
Author Message
 Restricting Sybase access to specific applications??

I have been asked several times during the past few months how
it would be possible to restrict updates and queries to
specific applications.  Although I don't have any real
answers, I'v been brainstoriming and have come up with
some possibilities:

One way is to put the logon into the application hoping
the user can't get his own password.  We would put
an associated real userid and password (with some
encryption) into a table that only our program
can decrypt.

For example:

1)  User logs in...

2)  Get an associated login that has real table access
from a special userid_mapping table.

3)  Decrypt the userid and password

4)  Re-login using the new userid and password...

--- Would this work?  How could the user get around this?

------

Another solution for updates only... might be to have the special
application put a password into a "user password" table.  Triggers
would check for the existance of the password or would roll-back
any updates.

--- Would this work?  Is there a better way?

--------

Is there any way to make these or other solutions work to a DB2
gateway?  I want to allow a user to update tables, but not by
using Q+E or such thing without triggers in effect.

Any suggestions and/or help in this area would be appreciated.
--
--
Any disclaimers made for me, by me, or about me - may or may not accurately
reflect my failure to be reflecting the opinions of myself or anyone else.
*************************************************
*  Brian Jay Gould - Professional Brain-stormer *
*************************************************



Fri, 18 Mar 1994 11:16:50 GMT
 Restricting Sybase access to specific applications??



Quote:
>I have been asked several times during the past few months how
>it would be possible to restrict updates and queries to
>specific applications.  Although I don't have any real
>answers, I'v been brainstoriming and have come up with
>some possibilities:

Well you could restrict access to all but the object(s)
owner, and provide access via stored procedures, so that the
stored procedure _has_ to be called to update and query. The
stored procedure would in effect be a subset of your
application.

--
+-----+  Bernd Felsche                      _--_|\   #include <std/disclaimer.h>

| | | |  328 Albany Highway,               X_.--._/          Fax: +61 9 472 3337
|m|p|s|  Victoria Park, Western Australia 6100   v         Phone: +61 9 362 9355



Sat, 19 Mar 1994 09:18:36 GMT
 
 [ 2 post ] 

 Relevant Pages 

1. Restricting database access from specific applications

2. Restricting Database Access from specific applications

3. restricting database access from specific applications

4. restricting database access from specific applications

5. Restricting access to the database depending on connected application (Sybase ASE 11.9.3)

6. Restrict Access to User Specific Data

7. Restrict a specific user from accessing a public table

8. Restrict access to specific records in Filemaker Pro...

9. to restrict user access by application?

10. Restricting APPLICATION access to SQL Server

11. Restricting users to access the sql server by application

12. ADO/ODBC access restricted to one main application?


 
Powered by phpBB® Forum Software