I have a password protected stored procedure that I have created.
If the user issues just the name of the stored procedure he gets a
message telling him that he needs to input the password.
If the user inputs the wrong password he gets a "syntax error" message
back in the query browser.
Now, here is the question:
How can I set it up so that the password shows up as asterisk in the
query browser?
Example - Sp_test password
Shows up as Sp_test ******** in the query browser."Varied_Interest" <Varied_Interest@.mail.com> wrote in message
news:1173373412.914934.102930@.p10g2000cwp.googlegroups.com...
>I have a password protected stored procedure that I have created.
> If the user issues just the name of the stored procedure he gets a
> message telling him that he needs to input the password.
> If the user inputs the wrong password he gets a "syntax error" message
> back in the query browser.
> Now, here is the question:
> How can I set it up so that the password shows up as asterisk in the
> query browser?
> Example - Sp_test password
> Shows up as Sp_test ******** in the query browser.
>
Make the password ********
Seriously, you can't do this in query analyzer.
And not really sure the point, there's better ways to enforce security than
this.
(and if the user has the ability to run sp_helptext sp_test you have zero
security anyway.)
Also, you generally do NOT want to name a stored proc sp_ unless you intend
to put it in the master database and make it available to all databases.
sp_ stands for system procedure, NOT stored procedure and the sp_ forces the
optmizer to handle things a bit differently.
Greg Moore
SQL Server DBA Consulting
sql (at) greenms.com http://www.greenms.com|||Hi,
Regarding "name a stored proc sp_ unless you intend to put it in the master
database and make it available to all databases"
This is a "non-supported" activity, and it does not work in SQL 2005! I
made the mistake, and we have a lot of work to do to move our stuff from
2000 to 2005.
Thank you,
Daniel Jameson
SQL Server DBA
Children's Oncology Group
www.childrensoncologygroup.org
"Greg D. Moore (Strider)" <mooregr_deleteth1s@.greenms.com> wrote in message
news:O7fZCVaYHHA.208@.TK2MSFTNGP05.phx.gbl...
> "Varied_Interest" <Varied_Interest@.mail.com> wrote in message
> news:1173373412.914934.102930@.p10g2000cwp.googlegroups.com...
>
> Make the password ********
> Seriously, you can't do this in query analyzer.
> And not really sure the point, there's better ways to enforce security
> than this.
> (and if the user has the ability to run sp_helptext sp_test you have zero
> security anyway.)
> Also, you generally do NOT want to name a stored proc sp_ unless you
> intend to put it in the master database and make it available to all
> databases. sp_ stands for system procedure, NOT stored procedure and the
> sp_ forces the optmizer to handle things a bit differently.
>
> --
> Greg Moore
> SQL Server DBA Consulting
> sql (at) greenms.com http://www.greenms.com
>|||"Daniel Jameson" <djameson@.childrensoncologygroup.org> wrote in message
news:Ogum6JdYHHA.4772@.TK2MSFTNGP05.phx.gbl...
> Hi,
> Regarding "name a stored proc sp_ unless you intend to put it in the
> master database and make it available to all databases"
> This is a "non-supported" activity, and it does not work in SQL 2005! I
> made the mistake, and we have a lot of work to do to move our stuff from
> 2000 to 2005.
Hmm, wasn't sure if 2005 still allowed that or not.
Probably better that they don't.
> --
> Thank you,
> Daniel Jameson
> SQL Server DBA
> Children's Oncology Group
> www.childrensoncologygroup.org
>
Greg Moore
SQL Server DBA Consulting
sql (at) greenms.com http://www.greenms.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment