Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2000-12-26 : 13:02:44
|
Darren writes "How do you create a view or stored procedure that will be going cross databases without creating each user running that stored procedure or view as a separate user of the other databases.
Let me explain.
Lets say you create a view that says:
create view example as
select * from mytable
union
select * from otherdatabase..mytable
go
grant all on example to public
go
Now everybody can run this view theoretically but realistically if you try and run this view and the person you are logged in as does not have either direct or inherited select permission in otherdatabase..mytable then you will get a 'select permission denied' error.
How can you get the permission from the view inherited for the purpose of its running in the otherdatabase.
You are probably thinking right now that you should create an NT group .. use NT authenticated password and make each member you want to be able to run the view a member of the group and give the group select permission in the otherdatabase.
This in our instance is not a solution as what I am trying to do is stop people from being able to access otherdatabase..mytable except via stored procedures / views that I have explicitly created for this purpose.
This is a stumper for me." |
|
|
|
|
|
Security on Cross Database Views and Stored Procs.