SQL SERVER 2005开始提供对存储过程签名
SQLSERVER 2005 开始 提供的对存储过程签名 (signature) 是我非常喜欢的。 如果我们要编写一个存储过程 , 执行该存储过程里的代码需要权限 P, 并且我们想要用户 Alice 可以执行这个存储过程,但是我们不想将权限 P 直接赋予给用户 Alice , 我们可以用证书 (
SQLSERVER 2005开始提供的对存储过程签名(signature)是我非常喜欢的。
如果我们要编写一个存储过程,执行该存储过程里的代码需要权限P,并且我们想要用户Alice可以执行这个存储过程,但是我们不想将权限P直接赋予给用户Alice,我们可以用证书(certificate)对这个存储过程进行签名来完成这一需求:
a) 如果P是一个级别的权限,那我们可以在相应的中创建一个证书,使用证书创建一个用户(user),然后将权限p授权给这个用户
b) 如果P是一个级别的权限,那我们能要在master数据库中创建一个证书,使用证书创建一个登录(login),然后将权限P授权给这个登录
签名之后,存储过程就会在执行期间获得权限P,而我们仅仅授予了Alice执行这个存储过程的权限。
如果我们既需要服务器级别的权限,又需要数据库级别的权限,那么我们既要创建用户,又要创建登录。下面列出步骤:
1) 在数据库中创建证书
2) 创建一个用户(user)并映射到这个证书
3) 将数据库级别的权限授予这个用户
4) 备份这个证书
5) 在master数据库中还原这个证书
6) 创建一个登录(login),并将登录映射到证书
7) 将服务器级别的权限授予给这个登录
我们也可以先在master数据库中创建证书,然后再将其还原到用户alice工作的数据库。也就是证书的创建顺序并不重要,重要的是master数据库中的证书一定要和用户数据库中的相同。
下面是演示:
-- 目的
-- 展示如何用证书签名一个存储过程,
--并授予证书相应的权限
create database demo;
use demo;
-- 创建一个存储过程,该过程会创建一个主体(包含登录和用户)
-- 这需要服务器级别的ALTER ANY LOGIN 权限
-- 和数据库级别的 ALTER ANY USER 权限
create procedure sp_CreatePrincipal
@name varchar(256),
@password varchar(128)
as
declare @sqlcmd varchar(2000);
begin tran;
-- create login
set @sqlcmd = 'create login ' + quotename(@name) + ' with password = ' + quotename(@password, '''');
exec (@sqlcmd);
if @@error 0
begin
rollback tran;
print 'Cannot create login'
return;
end
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to verify signature in PDF
Feb 18, 2024 pm 05:33 PM
We usually receive PDF files from the government or other agencies, some with digital signatures. After verifying the signature, we see the SignatureValid message and a green check mark. If the signature is not verified, the validity is unknown. Verifying signatures is important, let’s see how to do it in PDF. How to Verify Signatures in PDF Verifying signatures in PDF format makes it more trustworthy and the document more likely to be accepted. You can verify signatures in PDF documents in the following ways. Open the PDF in Adobe Reader Right-click the signature and select Show Signature Properties Click the Show Signer Certificate button Add the signature to the Trusted Certificates list from the Trust tab Click Verify Signature to complete the verification Let
Outlook signature disappears every day after restart
Feb 19, 2024 pm 05:24 PM
An email signature is important to demonstrate legitimacy and professionalism and includes contact information and company logo. Outlook users often complain that signatures disappear after restarting, which can be frustrating for those looking to increase their company's visibility. In this article, we will explore different fixes to resolve this issue. Why do my Microsoft Outlook signatures keep disappearing? If this is your first time using Microsoft Outlook, make sure your version is not a trial version. Trial versions may cause signatures to disappear. Additionally, the version architecture should also match the version architecture of the operating system. If you find that your email signature disappears from time to time in Outlook Web App, it may be due to
Steps and precautions for implementing batch updates using Oracle stored procedures
Mar 08, 2024 pm 04:12 PM
Title: Steps and Precautions for Implementing Batch Updates by Oracle Stored Procedures In Oracle database, stored procedures are a set of SQL statements designed to improve database performance, reuse code, and enhance security. Stored procedures can be used to update data in batches. This article will introduce how to use Oracle stored procedures to implement batch updates and provide specific code examples. Step 1: Create a stored procedure First, we need to create a stored procedure to implement batch update operations. The following is how to create a stored procedure
New features in PHP 8: Added verification and signing
Mar 27, 2024 am 08:21 AM
PHP8 is the latest version of PHP, bringing more convenience and functionality to programmers. This version has a special focus on security and performance, and one of the noteworthy new features is the addition of verification and signing capabilities. In this article, we'll take a closer look at these new features and their uses. Verification and signing are very important security concepts in computer science. They are often used to ensure that the data transmitted is complete and authentic. Verification and signatures become even more important when dealing with online transactions and sensitive information because if someone is able to tamper with the data, it could potentially
Oracle stored procedure: Implementation method to determine whether a table exists
Mar 08, 2024 pm 09:18 PM
Stored procedures in Oracle database are a specific type of stored procedures used to execute a series of SQL statements and data operations in the database. In actual database development work, sometimes we need to determine whether a certain table exists in the database, so that we can do some judgment and logical processing in the storage process. Below we will introduce how to implement the method of determining whether a table exists in Oracle database, and provide specific code examples. First, we can use the system table user_tables or all_t
Signing and verification in PHP
May 23, 2023 pm 04:10 PM
With the development of Internet technology, security has become an increasingly important issue, especially the security of data transmitted in Internet applications. Signature and signature verification technology has become an important means to ensure data security. PHP, as a popular Internet programming language, also provides related functions for signature and signature verification. This article will introduce signature and signature verification in PHP. 1. Concepts of signature and signature verification Signature refers to encrypting data to generate a specific string based on the digital signature algorithm. The data can be verified through this string
How to delete stored procedure in MySQL
Sep 05, 2023 am 10:25 AM
MySQL methods for deleting stored procedures include using the DROP PROCEDURE statement, using MySQL Workbench, and using command line tools. Detailed introduction: 1. Use the DROP PROCEDURE statement. The steps are to first open the MySQL client or use any tool that supports MySQL, then connect to your MySQL database, and finally execute the following SQL statement to delete the stored procedure; 2. Use MySQL Workbench to delete Stored procedures and so on.
Implementation principles and applications of Golang stored procedures
Feb 22, 2024 pm 04:57 PM
Implementation Principles and Applications of Golang Stored Procedures Stored procedures are precompiled programs that are stored in relational databases and can be called by applications. They can effectively reduce the cost of network transmission of data and improve the execution efficiency of the database. Although Golang does not directly support stored procedures, you can simulate the functions of stored procedures by using SQL statements. This article will introduce the principles and applications of implementing stored procedures in Golang, and provide specific code examples. 1. The implementation principle of Golang stored procedure is in Gol
