I am using paramaterised queries for all read operations and stored procs for all of the updates. While developing, I have been using a trusted connection to connect to SQL server.
Now that i'm about to deploy, what steps do I need to take to ensure that there is a single user which has basic read permissions plus execute permissions on the stored procs. The main things that i'm confused about are:-
1. What, typically do I need to set up? A new role? A new user group?
2. Trusted connections - I notice from my own connection string that I am not passing in a password. Why is that? If I continue to use a trusted connection to the server at the ISP, do I need to ask the ISP for any login information? Wil I need a password on the connection string (from what i've read so far, trusted connections are preferred becasue no password is transferred - how can that be?)
I know these are very basic questions, but all of the material i've read so far seems to assume some basic prior knowledge, (which as you can tell I don't have!)
Appreciate any help,
Thanks
BernieIn all the situations I have seen from remote hosting, you will need to change your connection string from trusted to one that has the uid=suppliedbyhost;pwd=suppliedbyhost;
If you look over your sp's check to see if dbo is the owner. This will limit the access on the remote host.
