Results 1 to 2 of 2
  1. #1
    Join Date
    Sep 2007
    Location
    India
    Posts
    21

    Unanswered: User Rights Restriction

    One Web Application is using SQL server via user 'abc'. I want to restrict this user.
    My requirement is :
    abc should not select, insert, update, delete on any table using any sql query.
    abc should run specific Stored Procedure and insert or delete or update or select.
    I have procedures for all this operations.

    What steps I have to follow to create a login, role, user?
    what rights i have to give to database, table?

    please guide in detail.

  2. #2
    Join Date
    Jul 2003
    Location
    San Antonio, TX
    Posts
    3,662
    Use schemas for all your objects, create schema for your tables and deny select,insert,update,delete on those schemas to that user. Create a schema or schemas for your stored procedures and grant execute on it/them to that user. When creating each stored procedure, use EXECUTE AS clause and either specify a user account that has the rights to perform DML on table schemas, or use OWNER.
    "The data in a record depends on the Key to the record, the Whole Key, and
    nothing but the Key, so help me Codd."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •