I doubt that, because that would kind of defeat the whole reasoning behind having "SQL Client" and "OLE DB" permission sets. Why have them if they don't do any good. Also, if I give full trust to the code it runs fine.
Do you have a link to an article or something that says I shouldn't be doing this? Has anyone else heard this? Michael ----- Original Message ----- From: "franklin gray" <[EMAIL PROTECTED]> Sent: Tuesday, April 09, 2002 5:26 PM Subject: Re: Fw: Security - Connecting to SQL Server I was under the impression that a web deployed app was not suppose to access DBs, but to use web services to get data from the DBs. You may want to look into Web Services as a backend to your app. -----Original Message----- From: Michael Bealer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 09, 2002 4:20 PM To: [EMAIL PROTECTED] Subject: [DOTNET] Fw: Security - Connecting to SQL Server Following the example given in the "Death to the browser" article I created a stub app that called a form from a dll. That worked fine once I understood and configured the permissions properly. Next, I wanted to make that form retrieve some data from a SQL Server database. I figure all I have to do is take the "Local Intranet" permission set which was working for the dll already and add "SQL Client" and just to brute force it, grant unrestricted access to all SQL Servers. Run my program, no luck. So I add "OLE DB" and full access. Still no luck. Tried a couple of others with no luck so I added every single permission available and gave each one the full permission... still no luck. Fails every time. Switch the code set to use full trust and it works like a champ. Can anyone shed any light on what I might be missing? Thanks, Michael Bealer You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
