Just define a user with readonly rights to the database or even less. Then use this username to create the datasource. After that you need to use username and password in your cfquery tags. Why is this a problem for you? Do you want to secure several different datasource from beeing accessed by different web applications on the same server? This is something that the enterprise version of MX or the Railo versions by default offer. Then in MX you can use sandbox security or multiple instances, whereas in Railo this is done by default.
Greetings / Grüsse Gert Franz Customer Care Railo Technologies GmbH [EMAIL PROTECTED] www.railo.ch Join our Mailing List / Treten Sie unserer Mailingliste bei: deutsch: http://de.groups.yahoo.com/group/railo/ english: http://groups.yahoo.com/group/railo_talk/ Robert Rawlins - Think Blue schrieb: > Hello Guys, > > > > I'm looking to get some advice on securing my datasource as much as > possible. > > > > I'm looking for some advice on the data source, I'm changing the allowed > functions of the datasource to SELECT, UPDATE and INSERT only to stop things > being dropped, however, how do I have it so the username and password must > be supplied in my cfquery or stored proc tags? I can't see a checkbox > anywhere do I simply leave the username and password fields blank in my > administrator panel? > > > > I'm not sure if this makes any difference, but the SQL Server and the CF are > running on the same box and its SQL Server 2005 Standard and ColdFusion MX7 > Standard. > > > > Thanks guys, > > > > Rob > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion 8 beta â Build next generation applications today. Free beta download on Labs http://www.adobe.com/cfusion/entitlement/index.cfm?e=labs_adobecf8_beta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:281108 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
