Please provide feedback on the security design. Are there better ways to handle security in a web application like this? (Remember that SqlCredit currently supports both SQL Server 2000 and 2005.)
Last edited by lcole; 04-27-2007 at 03:01 PM.
Reason: added link to article
I normally would not go through the porcess of explicitly denying access, but agree that it probably should be done. I definitely agree that Grant's should only be given to stored procedures, functions, and, I would add select on views.