When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
ASPFAQs.com
Message Board
Related Web Technologies
User Tips!
Coding Tips

Sections:
Sample Chapters
Commonly Asked Message Board Questions
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Security
Stump the SQL Guru!
XML Info
Information:
Feedback
Author an Article
ASP ASP.NET ASP FAQs Message Board Feedback
Print this page.
The SQL Guru Answers your Questions...


Today's question comes from Andy.

I need a way to validate a SQL Users password. The only way I have come up with is to try to access the server, then if it fails the user isn't validated. There must be a better way. I've tried running a query on both the syslogin table and the sysxlogin table with converting the password the various data types. I didn't think it would work, but tried anyway. Do you have any ideas?

Hi Andy,

The password in syslogins is encrypted, so there really is no way you can get to it. I don't understand why you are trying to reinvent the wheel though. The whole point of the SQL Users password is to allow/disallow access to the server. If this fails, it's up to the client application to handle the failure gracefully and issue an error message to the user. I think you should be focusing on handling the issue of a clean login using the existing SQL Server functionality, rather than rewriting SQL's login process :)

Another thing, have you considered using NT Security to handle user authentication. This could provide a transparent login procedure to the end-user, while you can rest assured that only authorised users are accessing the database. (You have to be using NT on the client machines to implement this though).

Good luck,

Owen


Read Other SQL Guru Questions


ASP.NET [1.x] [2.0] | ASPMessageboard.com | ASPFAQs.com | Advertise | Feedback | Author an Article