EricP (er*********@wa nadoo.fr) writes:
I don't understand:
3 databases A, B, C on a server.
Hope one distinct (login,password ) per database for the same user.
Not sure that I understand where you heading at.
But here is how security works in SQL Server. On server level you have
logins. A login can be an SQL login or a Windows login. SQL logins have
passwords, Winodws login have not (in SQL Server; they have in Windows
of course). A login can be associated with a user in a database. Most
often login name and user name are the same, but not there is no law
that requires this. Thus, once a person have logged into SQL Server,
he can access several databases, but if he is not added as user in
a database, he has no permission to it. (I'm bere overlooking the fact
that he may own a database ae well.)
If I understand you correctly, you want the same physical person have
three different (login, password) for three different databases. In
such case this person needs to have three different logins in SQL Server,
and this means that you need to use SQL logins, or else the person will
have to change between different Windows users.
There is one more alternative, and that is application roles. With an
application role you can get access to objects in a data to which
permissions have been granted to that role. To get access to an application
role, you need to supply the password. The typical use of an
application role is that you issue sp_setapprole from the application,
and the password is embedded in the application somewhere; thus the
users never supply it, or even know about it.
--
Erland Sommarskog, SQL Server MVP,
so****@algonet. se
Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp