P
Peter
Given..
We are developing web apps using SQLServer and Oracle databases
We want to take advantage of connection pooling
We are currently using ASP but will be moving to ASP.NET
Should we use a single data access account ? Where should this be stored
This approach, however, would allow an unscrupulous developer to determine the passwor
of the account. S/He could include a page that displays the properties of a connection
Currently, we have an app/SQLServer tables/com component that activates roles for users based on
their role membership (in our custom security tables)
The problem with this approach is that the connections cannot be pooled because onc
a role has been activated on a connection, it cannot be used for anything else an
will throw an error if another role attempts to be activated. Therefore we disable
connection pooling
Any advice would be appreciated
Thanks
....Peter
We are developing web apps using SQLServer and Oracle databases
We want to take advantage of connection pooling
We are currently using ASP but will be moving to ASP.NET
Should we use a single data access account ? Where should this be stored
This approach, however, would allow an unscrupulous developer to determine the passwor
of the account. S/He could include a page that displays the properties of a connection
Currently, we have an app/SQLServer tables/com component that activates roles for users based on
their role membership (in our custom security tables)
The problem with this approach is that the connections cannot be pooled because onc
a role has been activated on a connection, it cannot be used for anything else an
will throw an error if another role attempts to be activated. Therefore we disable
connection pooling
Any advice would be appreciated
Thanks
....Peter