DynamicData: Database Based Permissions - Part 1

[ERR!]
added by MIT560
9/1/2011 4:21:18 AM

170 Views

Found this a great read for those who wish to apply Table or even Column level Permissions to a Dynamic Data application. The Author has spent a great deal of time getting to know and help others in the ASP.NET Dynamic Data community.

Read the full story
C# ASP.NET
1 comments
dpeterson
9/1/2011 9:07:00 AM
It seems like a clever solution, however I'm not so sure that it *should* be necessary. I'm guessing that the reason for this solution is that most web applications would pool only a set number of database connections, all under the same login, rather than a connection per user. A connection per user would allow the application to let the database handle permissions itself (it can do table/column permissions). However there is significant overhead in opening a new database connection for each user.
Perhaps the problem lies with SQL Server logins. SQL Server logins tie all security to the login, rather than the session. Meaning, I can't change security contexts on an open connection. I have to re-establish the connection under different credentials.