How-do-I have a web login that authenticates a user via SQL username/pw?

T

trend

Centurion
Joined
Oct 12, 2004
Messages
171
I have a friend that has a database full of 2k-3k users. The users normally login with their username/password to the db (so he have 2k-3k valid users to access the db).

And now, he wants to have a weblogin.

I have read somewhere that he has to do "web-impersinations".. or something like that.

But does anyone know?

thanks
Lee

/edit oh yeah.. windows 2k, sql 2k, VS.net2k3/
 
Last edited:
I don't know about web-impersonations..but he could use a stored procedure for that login...something like:

create proc sp_Login
@Username
@Password

as
Select * from Users where user like @Username and pass like @Password

After that you'll have to call this stored procedure from vb...u can find a lot on this on msdn (look for parameters also)
If u need more assistance i'll help you!
Good Luck
 
to be more secure you would have the password encrypted and do a byte comparission that way it would be harder to hack since LIKE 'BOB' and LIKE 'Bob' would return the same thing if that was the password. If you at least hashed the password and did a binary compare then plain text would be stored on the server. The one mentioned above wouldn't be very secure in comparission to hashing the password and doing a binary compare. Microsoft has some examples of doing this exact thing that you're asking for but I can't seem to locate it right now.
 
Well.. I did not store the username and passwords in a table.


I have to use SQL authentication
 
Well in this case you must use Mixed Authentication or SQL Authentication and modify your connection string..something like:

"Data Source=Aron1;Initial Catalog=pubs;User Id=sa;Password=asdasd;"

Of course you should use a Sub with 2 parameteres :

Public Sub Connection( byval user as string, byval pass as string)

dim SqlString as string= "Data Source=Aron1;Initial Catalog=pubs;User Id=" & user & ";Password=" & pass & ";"

Dim oSQLConn As SqlConnection = New SqlConnection()
oSQLConn.ConnectionString=SqlString
oSQLConn.Open()

end sub

However make sure you set your Sql Server on Mixed Authentication or SQl Server Authentication because if u set it on Windows Authentication it will ignore the username and password from the connection string
 
Puiu said:
Well in this case you must use Mixed Authentication or SQL Authentication and modify your connection string..something like:

"Data Source=Aron1;Initial Catalog=pubs;User Id=sa;Password=asdasd;"

Of course you should use a Sub with 2 parameteres :

Public Sub Connection( byval user as string, byval pass as string)

dim SqlString as string= "Data Source=Aron1;Initial Catalog=pubs;User Id=" & user & ";Password=" & pass & ";"

Dim oSQLConn As SqlConnection = New SqlConnection()
oSQLConn.ConnectionString=SqlString
oSQLConn.Open()

end sub

However make sure you set your Sql Server on Mixed Authentication or SQl Server Authentication because if u set it on Windows Authentication it will ignore the username and password from the connection string
Click to expand...


Great, thanks!
 
Last edited:
Back
Top