.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Tighten rights for DBCreator role

Posted By:      Posted Date: September 02, 2010    Points: 0   Category :Sql Server
This is a long posting, please read it through and then give me your thoughts on the subject or your experiences. I have a SQL Hotel, I e lots of databases 'rent' room on my clustered hotel. Whenever a new project needs a database it's up to me to make that happend. If the database is created by some install program and user is hardcoded as SA, then I run against a temporary SQL server, then I move the database, users, jobs and endpoints, if they exist to the SQL Hotel. But if the program allows me to choose user myself, then I would like to let it install against my cluster live (no I dont have a sufficient test environment, getting there slowly). If I grant a account (domain and SQL) the dbCreator role, it can drop ANY database. This is in my opinion not acceptable. Im thinking about creating a trigger like: DDL Trigger, unfortuantly fires after drop database command, but something like this... If user is member of sysadmin, then Return (exit trigger do nothing), else rollback, check DBO of the database, if user is DBO, disable the trigger and drop the database again, otherwise let the drop database be rolledback and log the event to eventviewer. Two drawbacks, I cannot suppress the message that it's not deleted (need a rollback to check weather DBO in the database is the account issuing the drop), so I will have to construct two messages, both explaining that the first

View Complete Post

More Related Resource Links

asp.net,c#,user role and rights,menu

hi friendsi want to develope general code or module or structure of web application wich handle multiple user ,their role and right, and according to their rights and role menu will be display.so i can integreate it in any website. kindly provide me solution for asp.net 3.5,C# working environment, and sqlserver 2005 environment.what is the structure for database? i want only one database not asp.net database. can i make login control type assembly(dll)?how?Thanking you 

Problem making Role based Menu in MVC application



 I want to make Rolebase menu in MVC such that if user doesnot have permission for some action then that Action name shouldnot be shown in the Menu.

 I have used the code in the url(http://forums.asp.net/t/1566328.aspx) in my MVC application.My application is a Discussion Forum(in MVC) same functionality as in this forum forums.asp.net

 I have used Controllers for post, thread etc.In each controller there are some actions that are using [Authorize(Roles)] attribute

 but this coding does not count  those Actions in Controllers having Authorize attribute according to the url http://forums.asp.net/t/1566328.aspx 

 In the code, Authorize attribute is applied to Controller class, but my requirement is of Applying Authorize attribute to some actions in controller so that some are available for all users and  some links are available rolewise.Now what is the solution for that?



Test-Driven Design: Using Mocks And Tests To Design Role-Based Objects


Use Test-Driven Development with mock objects to design object oriented code in terms of roles and responsibilities, not categorization of objects into class hierarchies.

Isaiah Perumalla

MSDN Magazine June 2009

Patterns in Practice: Object Role Stereotypes


Object role stereotypes can help you better understand and clarify the responsibilities of the objects in your application.

Jeremy Miller

MSDN Magazine August 2008

Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager


Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003

Resource File: Windows Media 9 Series Digital Rights Management


If you have an application that handles Windows Media content and you need an effective way to track content usage, Windows Media 9 Series now offers Digital Rights Management (DRM). It allows you to take advantage of the peer-to-peer distribution model and still redirect users back to your app once they have downloaded your content (prior to viewing).

MSDN Magazine May 2003

Talking To.: Don Box Discusses Web Services and His New Role at Microsoft


Don Box has long been the preeminent expert on COM, as well as one of the creators of the SOAP protocol. He has written numerous books and articles including Essential COM (Addison-Wesley, 1997) and Essential .

MSDN Magazine December 2002

Security: Unify the Role-Based Security Models for Enterprise and Application Domains with .NET


Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.Enterprise-Services and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.

Juval Lowy

MSDN Magazine May 2002

Security in .NET: Enforce Code Access Rights with the Common Language Runtime


Component-based software is vulnerable to attack. Large numbers of DLLs that are not tightly controlled are at the heart of the problem. Code access security in the Common Language Runtime of the Microsoft .NET Framework addresses this common security hole. In this model, the CLR acts as the traffic cop to assemblies, keeping track of where they came from and what security restraints should be placed on them. Another way the .NET Framework addresses security is by providing preexisting classes which have built-in security. These are the classes that are invoked in .NET when performing risky operations such as reading and writing files, displaying dialog boxes, and so on. Of course, if a component calls unmanaged code, it can bypass code access security measures. This article covers these and other security issues.

Keith Brown

MSDN Magazine February 2001

how to store User Rights Information in asp.net



Please guide me how to store user rigths inforamtion in asp.net MVC Application

Here my User permission  information look like

UserID LoginID          UserName             Page  Permission     Role 

yahoo@yahoo.com Mohammed Askar Quote Edit                Admin 
yahoo@yahoo.com Mohammed Askar Quote Delete            Admin 
yahoo@yahoo.com Mohammed Askar Quote Verify             Admin


gamil@gamil.com   Mr. X                      Quote Cancel  &nbs

Extending Role/Membership


Given an organization site, here is what we need to accomplish:

  1. Administer Role/Membership completely on specific pages of the remotely hosted site instead of using a local site within Visual Studio.
  2. Create and add region group, city group or other groups in addition to the basic user group. How can the new groups be stored and administered?
  3. After users login the 1st time, their Role/Membership are saved so that they will be redirected to their own designated page upon future login. Are we going to use cookies and/or tables to store related data?

Please advise how to best implement the above with samples and/or tutorials.

Thanks much in advance.

require guideline for 'Role-based authentication/authorization'



In my asp.net website in VS-2005 with SQL-Server 2005 as db, I need to implement role-based Authentication/Authorization.

I am familiar to the practises used in role-based authentication..as I have previously worked on projects that used this method. However, my project lead used to design the database. Now I have an existing website where authentication has been set to anonymous by setting 'allow users="?"' in the authentication tags in web.config.

If I use the createUserWizard control and use the Membership.creatUser(.....) method in code behind will the asp.net security tables, like users, roles, userinrole etc get created on its own? Can anyone please give the proper steps on how to acheive this?

Need help with setting up SQL Server 2008 for role/user management


I've posted my problem in a few other categories.  Sorry for that.  I didn't see the security category until now.

I'm trying to use ASP.NET's built-in role/user management for a couple ASP.NET MVC 2 sites.  I'm using the MVCMusicStore as my guide.  I click on the Configuration Tool as the tutorial suggests, which launches the site administration page.  Unfortunately when I click on the security tab, I get an error that it cannot connect to the data store.  Attempting to test the AspNetSqlProvider gives me a similar error.

I've run the aspnet_regsql program as the error message suggested, and I have a role/user management database ready to go on the server.  The proper tables are constructed, and all that.  The configuration tool still doesn't see the data store.

As a test, I ran the MVCMusicStore demo in the debugger.  Its role/user management functionality worked.  I was able to add myself as a customer, and add/remove items from my cart with no errors or exceptions.  However, when I attempted to access its security tab in the configuration tool, I received the same error as I get for my own project.  How is it possible that role/user management works, but the configuration tool cannot change its settings?

Any suggestions on how I can get the configuration t

sitemap control user rights enable and disable



iam using masterpage and sitemap in my project, what i want to is that

if user login is did, based on the user previlage in need to show the sitemap menu page

if user i have the previlage to see the page then i should enable that page otherwise

i need disable that page

looking for the valuable suggestions

what is role of object properties when using client side validations ?


I have been using properties and have idea that using properties with private fields we can implement validations and buisness rules in them.

But I am just thinking asp.net client side validation controls provide good strength and they provide good user experience as well. They can be used for any type of validation (using regular expression) on client side and their re-use is possible on server side. When validation controls are a must and they are powerful; is making properties not just wastage of time ?

Is there still some use of properties ? Please guide me.


SSRS Role ID and TaskMask

Hello, I need to find out who has access to what on SSRS.  From the User table, I can query something like the following.    Questions: 1) What is Role ID?  Is this a 1:1 map to a user? 2) What is TaskMask?  Is this a 1:1 map to a specific item (ie folder/report)? 3) How do I find out the mapping (ie the actual user name or folder/report name)? RoleID RoleName Description TaskMask RoleFlags 30429381-0F4C-45E9-9136-AB4FE71CCD71 View Folder View folder structure and reports available (incl report definition) but can't run reports 0000001000000000 0 DF7F6687-DF4E-4D2A-B1A8-B0917EA4E82C Browser May view folders, reports and subscribe to reports. 0010101001000100 0 DF7F6687-DF4E-4D2A-B1A8-B0917EA4E82C Browser May view folders, reports and subscribe to reports. 0010101001000100 0 30429381-0F4C-45E9-9136-AB4FE71CCD71 View Folder View folder structure and reports available (incl report definition) but can't run reports 0000001000000000 0 DF7F6687-DF4E-4D2A-B1A8-B0917EA4E82C Browser May view folders, reports and subscribe to reports. 0010101001000100 0 DF7F6687-DF4E-4D2A-B1A8-B0917EA4E82C Browser May view folders, reports and subscribe to reports.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend