[dba-SQLServer]SS7 - 80040e09 permission denied (strange)

Joe Rojas JRojas at tnco-inc.com
Wed Nov 26 09:45:47 CST 2003


Hi All,

I am using SS7 with a couple of web based front ends (ASP).

I have one database that I used to store information that all the other
databases will use, e.g. login information.
I only have one user in each database which is the IIS Webserver anonymous
user.
This user only has exec permissions on stored procedures, i.e. no direct
access to tables.
In the 'Global' DB this user has no permissions to anything and as of right
now, this DB only has one table, tblLogins.

DB1 has a stored procedure that accesses this 'Gobal' database to check if
the user has given valid login credentials (see below) and everything works
perfectly.

DB2 has a stored procedure that does that same as above and the coding of
the SP is identical to that of DB1. When run from DB2 I get an error message
from the web page that reads: SELECT permission denied on object
'tblLogins', database 'TNCOGlobal', owner 'dbo'.

I checked both databases, both web apps, and all folder permissions to find
any differences and have come up with bunk! Any ideas as to why this works
with one DB and not the other?

Thanks,
JR

CREATE PROCEDURE dbo.sp_checklogin
@user varchar(30),
@pass varchar(20),
@FL tinyint OUTPUT
AS
DECLARE @pass2 varchar(20)

SET NOCOUNT ON
SELECT @pass2 = Password, @FL = FirstLogin FROM TNCOGlobal.dbo.tblLogins
WHERE UserName = @user
SET NOCOUNT OFF

IF (@pass2 Is NULL)
BEGIN
	SET @FL = 3
	RETURN
END

IF (@pass <> @pass2)
BEGIN
	SET @FL = 2
END

RETURN





This electronic transmission is strictly confidential to TNCO, Inc. and
intended solely for the addressee. It may contain information which is
covered by legal, professional, or other privileges. If you are not the
intended addressee, or someone authorized by the intended addressee to
receive transmissions on behalf of the addressee, you must not retain,
disclose in any form, copy, or take any action in reliance on this
transmission. If you have received this transmission in error, please notify
the sender as soon as possible and destroy this message. While TNCO, Inc.
uses virus protection, the recipient should check this email and any
attachments for the presence of viruses. TNCO, Inc. accepts no liability for
any damage caused by any virus transmitted by this email.


More information about the dba-SQLServer mailing list