All geek questions in one place

How to prevent other applications from connecting to SQL Server?

I have a Delphi application connecting to a remote SQL Server through ADO components.

How can I only allow access to my SQL Server 2012 application, and any other application trying to connect should be thrown away?

+4
source share
3 answers

The problem is that everything that connects to SQL Server does this with a ConnectionString.

If you really want this, you can intercept them and use them to fake to be another application.

While applications cannot use digital signatures in one way or another to connect, there is no way to provide what you want.

+3
source

You must use the Login Trigger and in this trigger compare APP_NAME() with a constant containing your application name. If they are different, do ROLLBACK .

+2
source

You can use the application role in SQL Server.

It makes no sense for me to block the whole of SQL Server using the login trigger. There may be other databases, and they should also be free, for example, SQL Agent for either Management Studio or the updater ...

If you want to control access to the database, use user roles and applications. According to the Appendix. A role that you should call a single stored procedure from your compiled code, and everything you can do will be determined by the role of the application. If you disable access to other roles and users, no one will be able to access your database ... Other databases can also be configured so as not to grant permissions to other users / roles.

This makes more sense, has no problems with the connection string, and is flexible for other tasks.

Sorry for my English, this is not my native language.

0
source

Source: https://habr.com/ru/post/1432474/

More articles:


All Articles