Joe Rojas
JRojas at tnco-inc.com
Tue Dec 2 10:26:28 CST 2003
(I also posted this in the SQLServer group but I thought I might have some luck here too) Hi All, I am using SS7 with a couple of web based front ends (ASP). I have one database that I used to store information that all the other databases will use, e.g. login information. I only have one user in each database which is the IIS Webserver anonymous user. This user only has exec permissions on stored procedures, i.e. no direct access to tables. In the 'Global' DB this user has no permissions to anything and as of right now, this DB only has one table, tblLogins. DB1 has a stored procedure that accesses this 'Gobal' database to check if the user has given valid login credentials (see below) and everything works perfectly. DB2 has a stored procedure that does that same as above and the coding of the SP is identical to that of DB1. When run from DB2 I get an error message from the web page that reads: SELECT permission denied on object 'tblLogins', database 'TNCOGlobal', owner 'dbo'. I checked both databases, both web apps, and all folder permissions to find any differences and have come up with bunk! Any ideas as to why this works with one DB and not the other? Thanks, JR CREATE PROCEDURE dbo.sp_checklogin @user varchar(30), @pass varchar(20), @FL tinyint OUTPUT AS DECLARE @pass2 varchar(20) SET NOCOUNT ON SELECT @pass2 = Password, @FL = FirstLogin FROM TNCOGlobal.dbo.tblLogins WHERE UserName = @user SET NOCOUNT OFF IF (@pass2 Is NULL) BEGIN SET @FL = 3 RETURN END IF (@pass <> @pass2) BEGIN SET @FL = 2 END RETURN This electronic transmission is strictly confidential to TNCO, Inc. and intended solely for the addressee. It may contain information which is covered by legal, professional, or other privileges. If you are not the intended addressee, or someone authorized by the intended addressee to receive transmissions on behalf of the addressee, you must not retain, disclose in any form, copy, or take any action in reliance on this transmission. If you have received this transmission in error, please notify the sender as soon as possible and destroy this message. While TNCO, Inc. uses virus protection, the recipient should check this email and any attachments for the presence of viruses. TNCO, Inc. accepts no liability for any damage caused by any virus transmitted by this email.