Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Questions on site security

Thread Tools

Questions on site security

Robert Dufour
Posts: n/a
1- The standard security provider uses SQL express and is known as
AspNetSqlProvider and ituses SQL express. Playing around with it on my dev
environment I find that if I open it with the Sql server management studio
and attach it I induce errors in the application that is running.
That means that it is probably not possible to do maintenance on the
database when the site is running.
I have found that apps using the standard sql server 2005 allow you to use
management studio without problem when the site is running, Question is,
would it not be more reliable to use sql server full version instead of the
express version? and if so, how would you do that? ie send all the stuff
required to a full version of sql server instead of an express version. It
looks like ther might be a lot of stuff needed. Also is not sql express
limited to the number of connections and would that not cause a problem if
the number of user of the site went up significantly?

2- Often I would think, the login users of the site are also either
customers or , if the site is being used for some administrative task,
employees. In any case the membership table would need to be made to have
some relation to either a customers table or an employee table. For instance
if an employee leaves and you delete or deactivate his/her record you could
automatically delete or deactivate his/her membership record. Would it not
be better if all the tables for the membership and all the procedures were
in the same database as the other tables for the app?

3- How the devil do they do the encryptions, I am looking at the insert and
update statements in the stored procedures and there is not one iota of code
that does encryption, yet the colums are encrypted. If I wanted to make a
windows app for my login administrators how would I get the columns that
need encryption encrypted. There must be a call made thru a dll somewhere.
Anyone know what it is?

Thanks for any help.


Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Looking for solution of security between sites such as VPN site-to-site, MPLS whatev cutetplt Cisco 2 06-04-2009 02:19 AM
IT Security news and information site for Security Professionals netleets Cisco 3 08-08-2008 07:35 PM
List of free web site design, web site backgrounds, web site layoutsresources cyber HTML 0 12-21-2007 03:47 PM
List of free web site design, web site backgrounds, web site layoutsweb sites cyber HTML 1 12-19-2007 09:07 AM
IT-Security, Security, e-security COMSOLIT Messmer Computer Support 0 09-05-2003 08:34 AM