I think that Dave has basically answered your question but I'll toss out the notion that if it was acceptable in your environment you could do the same sort of permissions but at the application level instead of the db.
CF can do authentication with Active Directory via the CFLDAP tag. You could fetch a list of permissions and then proxy the calls to the db and only allow certain queries involving your sprocs and views to people with sufficient privileges. Though it is functionally equivalent to what you are talking about, it may be that they want the roles and permissions enforced down at the SQL Server level. There are some good reasons to do so and then there are some reasons that, well, that's just how an organization has always done it and isn't changing now. Anyway, if you are investigating CF talking to Active Directory, start with the CFLDAP tag. Take care, Judah On Tue, May 26, 2009 at 3:35 PM, <[email protected]> wrote: > > Hi, > > Does anyone know how to setup a datasource to authenticate with Active > Directory. We are moving away from service accounts on SQL Server and I > need to pass the Windows login credentials through my CF apps to SQL Server > so the user is allowed access to certain views and sprocs. For example > in .net you add "IntegratedSecurity=SSPI" to the connection script and your > done. > > > Thanks for any advice. I have only been using CF for about 6 months now > after our main developer left. This is my first programming job so bear > with me please. > > > thanks, > Mike > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:322816 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
