Jump to content
Xtreme .Net Talk

How-do-I have a web login that authenticates a user via SQL username/pw?

trend

By trend
in ASP.NET

 Share

Recommended Posts

trend Newbie

trend

Posted
Posted (edited)

I have a friend that has a database full of 2k-3k users. The users normally login with their username/password to the db (so he have 2k-3k valid users to access the db).

 

And now, he wants to have a weblogin.

 

I have read somewhere that he has to do "web-impersinations".. or something like that.

 

But does anyone know?

 

thanks

Lee

 

/edit oh yeah.. windows 2k, sql 2k, VS.net2k3/

Edited by trend
Puiu Newbie

Puiu

Posted
Posted

I don't know about web-impersonations..but he could use a stored procedure for that login...something like:

 

create proc sp_Login

@Username

@Password

 

as

Select * from Users where user like @Username and pass like @Password

 

After that you'll have to call this stored procedure from vb...u can find a lot on this on msdn (look for parameters also)

If u need more assistance i'll help you!

Good Luck

bri189a Newbie

bri189a

Posted
Posted
to be more secure you would have the password encrypted and do a byte comparission that way it would be harder to hack since LIKE 'BOB' and LIKE 'Bob' would return the same thing if that was the password. If you at least hashed the password and did a binary compare then plain text would be stored on the server. The one mentioned above wouldn't be very secure in comparission to hashing the password and doing a binary compare. Microsoft has some examples of doing this exact thing that you're asking for but I can't seem to locate it right now.
Puiu Newbie

Puiu

Posted
Posted

Well in this case you must use Mixed Authentication or SQL Authentication and modify your connection string..something like:

 

"Data Source=Aron1;Initial Catalog=pubs;User Id=sa;Password=asdasd;"

 

Of course you should use a Sub with 2 parameteres :

 

Public Sub Connection( byval user as string, byval pass as string)

 

dim SqlString as string= "Data Source=Aron1;Initial Catalog=pubs;User Id=" & user & ";Password=" & pass & ";"

 

Dim oSQLConn As SqlConnection = New SqlConnection()

oSQLConn.ConnectionString=SqlString

oSQLConn.Open()

 

end sub

 

However make sure you set your Sql Server on Mixed Authentication or SQl Server Authentication because if u set it on Windows Authentication it will ignore the username and password from the connection string

trend Newbie

trend

Posted
  • Author
Posted (edited)
Well in this case you must use Mixed Authentication or SQL Authentication and modify your connection string..something like:

 

"Data Source=Aron1;Initial Catalog=pubs;User Id=sa;Password=asdasd;"

 

Of course you should use a Sub with 2 parameteres :

 

Public Sub Connection( byval user as string, byval pass as string)

 

dim SqlString as string= "Data Source=Aron1;Initial Catalog=pubs;User Id=" & user & ";Password=" & pass & ";"

 

Dim oSQLConn As SqlConnection = New SqlConnection()

oSQLConn.ConnectionString=SqlString

oSQLConn.Open()

 

end sub

 

However make sure you set your Sql Server on Mixed Authentication or SQl Server Authentication because if u set it on Windows Authentication it will ignore the username and password from the connection string

 

 

Great, thanks!

Edited by trend

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...