wienerdog66
Programmer
I have an Access (front end) to Access (back end) that was inherited from past developers. Most forms are bound directly to the tables.
The app has been upgraded to be Access to SQL Server. without modifying the app greatly, I see two options for security.
1. Use NTAuthentication and grant table Select/Insert/Update/Delete rights to each user, or
2. Create a SQL Server login that I use through an ODBC DSN on each computer and grant that SQL login the rights.
Both of these are obviously insecure since the user will be able to connect to the tables (one of which is a security table with rights assigned to the user) through any ODBC enable app.
How is this normally handled? Do I HAVE to rewrite all of the forms to use stored procs for any data manipulation? All apps are on the table to be rewriten as WinForms to SQL, so I'm really looking for something that can hold us over until that is done (probably at least a year to rewrite everything).
Thanks for the help!
The app has been upgraded to be Access to SQL Server. without modifying the app greatly, I see two options for security.
1. Use NTAuthentication and grant table Select/Insert/Update/Delete rights to each user, or
2. Create a SQL Server login that I use through an ODBC DSN on each computer and grant that SQL login the rights.
Both of these are obviously insecure since the user will be able to connect to the tables (one of which is a security table with rights assigned to the user) through any ODBC enable app.
How is this normally handled? Do I HAVE to rewrite all of the forms to use stored procs for any data manipulation? All apps are on the table to be rewriten as WinForms to SQL, so I'm really looking for something that can hold us over until that is done (probably at least a year to rewrite everything).
Thanks for the help!
