StrataFrame Forum

RBS and SQL Server Authentication and question about the SF security dialog.

http://forum.strataframe.net/Topic14650.aspx

By Geoff Hirst - 3/4/2008

hi Guys,

please forgive me being a little wet behind the ears on this. I have just started implementing RBS into my application and one thing has been nagging me for a while.

My application will most likely be deployed in scenarios where there is no domain controller so I am opting for SQL Server authentication. I have set up RBS and it works well so far. However, my database connection is still using Windows authentication and I need to move this now to SQL Server authentication which requires the set up of logins on SQL Server, yes?

I was working through the security editor and saw that it creates users and I thought that this might create the needed logins on SQL Server, but this didn't happen. So, what I am asking here is what is best way of organizing a SQL Server login for my application that the data connection can use and access the application database.

I hope the above makes sense.

Q2.

Using your SecurityDialog, is there any way I can put my applications name on it? I would rather not create a custom one just to add my application name.

thanks

Geoff.

By Trent L. Taylor - 3/4/2008

I need to move this now to SQL Server authentication which requires the set up of logins on SQL Server, yes?

Well, the two are really not connected.  The login doesn't have any bearing on the connection string that is used for SQL Server.  If you have added the security tables to your default database and your application only uses a single data source connection, then the RBS tables will use this connection string (which by default it does).  If you are using the connection string wizard, then you will provide the authentication type there.  If you are manually setting the DataSources then you will provide the connection type there instead.  The connection must already be established by the time the login occurs (otherwise it would not be able to authenticate). 

Whether you are using the Connection String Wizard or supplying the connection string manually, you will need to set this up in the SetDataSources method of the AppDomain.vb or Program.cs file depending on which language you are using.

Manual

DataBasics.DataSources.Add(New SqlDataSourceItem("","server=MyServer;user id=sa;password=mypassword;database=MyDatabase;"))

Using your SecurityDialog, is there any way I can put my applications name on it? I would rather not create a custom one just to add my application name.

Past changing the source code, no.  You do have the source code though and can change the title to meet your needs (or do it programmatically in code so future updates to not mess this up).

Dim loDialog as New SecurityDialog()

loDialog.Text = "Security - My Application Name"

By Geoff Hirst - 3/4/2008

Thanks Trent,

I think I see what you are saying, use the sa user. I did consider this, but I come from the Bill Vaughn school of SQL hard knocks and the sa user is pretty sacrosanct.

So, I have changed my connection to use the sa account and all seems well. I don't think I explained my issue very well to start with, but hey it's getting late here.

On the login form front, I just found your example, and it doesn't look like it's too complex to create my own after all.

thanks for being there just to bounce ideas at.

Geoff.

By Trent L. Taylor - 3/4/2008

I think I see what you are saying, use the sa user. I did consider this, but I come from the Bill Vaughn school of SQL hard knocks and the sa user is pretty sacrosanct.

Actually I think you missed my point....you need to be able to define your connection PRIOR to the login form coming up in the SetDataSources method.  So you could have this login information stored in an external XML file, registry, etc. and then use these external pieces to setup your connection string.  You should never hard code a connection string, user, or password into your application.  Maybe that will clear things up a bit. Smile