How to prevent the user from accessing database directly?
-
I have an application which is accessing a SQLServer and an Oracle. Of course, the application must know the password. I want to prevent the users from accessing the database directly. When they want to read/write data,they have to use my program. What can I do? Thanks. Hi guys. I'm a very fat man. Do you like fat men?
-
I have an application which is accessing a SQLServer and an Oracle. Of course, the application must know the password. I want to prevent the users from accessing the database directly. When they want to read/write data,they have to use my program. What can I do? Thanks. Hi guys. I'm a very fat man. Do you like fat men?
The typical way of doing this is exactly what you are talking about. You have a single logon/password which uses a somewhat complicated and unique name/password convention. All other DB accounts are locked out of the DB. The user could still access the DB directly, but they would need to know the userid/password. The other way you can do this is to encrypt the data in your DB. This is very difficult to do unless you have a library/toolkit for database access which does this for you. One way to do this is to use the digest MD5 algorithm on each and every column of data. This leads to serious problems though because it is not easy to query the DB and again, you need a library/toolkit that does the work for you.