登录，用户在SQL权限表达2005年，图，流程图 [英] logins , users, permissions in sql express 2005 , with diagram , flowchart

问题描述

我想创建登录和放大器;用户对于我的C＃.NET WinForms应用程序，它使用SQL Server 2005 Express的&放大器。高达我所知，我所建的这些步骤。

I want to create logins & users for my c#.net winforms application which uses sql server 2005 express .& upto my knowledge i have built these steps.

所以，我想问问是这些步骤正确的还是我做了很多错误。

So , I want to ask that are these steps correct or am i making a lot of mistakes.

另外，如果是缺少任何一个步骤，那么请添加新的步骤。
同样，在最后一步，我应该怎么做，我一定要授予权限到两个，用户和放大器;模式或仅用户或仅架构。

Also, if am missing any step then please add new steps. Also, in the last step, what should i do, do i have to grant permissions to both ,USERS & SCHEMA, OR to only USER, OR to only SCHEMA.

我正在寻求在这个模型中，或者如果有人能提供一种新的模式的改进。 。将是一个很大的帮助。

I am seeking improvements in this model or a new model if anybody can provide. Would be a great help.

我要授予&安培; DENY数据库级别的权限，例如CREATE，DROP，ALTER DATABASE;表级别如INSERT的，删除，修改，更新和放大器;的列级。

I want to GRANT & DENY permissions of DATABASE LEVEL such as CREATE, DROP, ALTER DATABASE ; of TABLE LEVEL such as INSERT , DELETE, ALTER, UPDATE & of COLUMN LEVEL.

此外，是模式的创造必要的吗？

Also, is creation of schema necessary?

据我所知：登录
创作是用户输入上面创建的登录需要
创作是必要的
CREATION模式是或不是必要的？我不知道。

As far as i know: CREATION OF LOGIN is necessary CREATION OF USER for the above created login is necessary CREATION OF SCHEMA is or is not necessary? i don't know.

推荐答案

我改变了我整个的回答。我真的认为这是不授予使用你的数据库直接登录访问一个好主意。数据库是不正确的瓶颈的权限。创建你需要的总数据库权限的用户。然后，授予在根据自己的应用程序（在数据库表中的跟踪）角色的应用程序的用户的功能。

I'm changing my whole answer. I really think it's not a good idea to grant uses direct login access to your db. The DB is not the right "choke point" for permissions. Create one user with the total db permissions you will need. Then grant the users features in your application based on their role in the application (tracked in a table in your database).

有很多问题与创建1登录每个用户在数据库中。有几个是1.修的噩梦2.现在用户可以登录到你的数据库，直接，如果他们能得到连接到它Management Studio或其他工具。

There are a lot of problems with creating 1 login per user in your database. A few are 1. Maintainance nightmare 2. Now your users can log in to your db directly if they can get connected to it with Management studio or some other tool.

1. 要详细说明。 。 。为应用程序创建一个登录。将它命名为类似的 MyApplicationUser 的


2. 在您的应用程序来跟踪每个用户可以成为其中的一部分角色创建一个表。这也可以跟踪他们被允许在你的应用程序中的功能（虽然可能在不同的表）


3. 当用户启动应用程序，该应用程序是使用相同的数据库凭据运行结束（的 MyApplicationUser 的）


4. 现在，你知道该用户（基于NTID，或应用程序登录）谁了，你可以给他们适合于他们在功能该应用程序）

1. To elaborate . . . create one login for your application. Name it something like MyApplicationUser.
2. Create a table in your application to track the roles that each user could be part of. This can also track the features they are allowed to have in your application (though probably in a different table)
3. When the user starts the application, the application is opend using the same db credentials (MyApplicationUser)
4. Now you know who the user is (based on NTID, or application login), and you can give them the features that are appropriate to them in the application)

这篇关于登录，用户在SQL权限表达2005年，图，流程图的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！