Hi I have created a Client/Server application. The Client connects remotely to the SQL 2005 server using thier unique user name and password.
The client application allows the users to update a form.
I need to add to the database a digital signature for that user when they update that form. This is intended to be a replacement for a physical signature that would appear on a paper form.
Would like to use the digital signature (i.e. PKI) from a smart card to authorize a PDF document. Is it possible to retrieve the PKI from Windows once its read in via the smart card using some sort of C++ or Java API call to apply it to the PDF form?
View 1 Replies View RelatedI€™m not sure if this is the right topic for this particular forum but here goes anyway€¦
Okay, admittedly, I am not really familiar with MS SQL Server (I€™m Oracle, actually) but I am investigating a possible implementation on a relatively small scale. I am sure that MS SQL Server will handle all the database functions I need and will leave plenty of room for future growth. That really isn€™t the issue. What I am trying to figure out is how the Digital Dashboard I€™ve read about works. Of particular concern is the apparent connection between the Dashboard and Share Point. My first question is this: Is Share Point required to use the Digital Dashboard?
My next question is actually a bit easier€¦ Is there a sample site I can access that shows some of the capabilities of a Digital Dashboard implementation? I€™d like to make sure that the kinds of displays I am trying to build are actually available using this feature€¦
Thanks in advance for your assistance!
hi everyone,
I'm just a whole newbie for that. I imagine that at first is needed a certificate commited for a company.
Any link or whatever will be very appreciated.
cheers,
Hi every body... I will thank u the help that you could bring me...
This is my problem:
I am using a Web Service Task in Integration Services for access a Web Method, this method is not mine, it is a method provided for another company. This Web Method is published in a VPN (Virtual Private Network) and it is in a secured channel (https).
The properties of the Connection Manager that the Web Service Task uses are ok. The Server URL is the address of the asmx and the client certificate is the correct. In fact when I press Test Connection, the message Test Connection Succeed is shown. If I change the certificate, a connection error occurs (403 Forbidden), this means that the client certificate and the address is ok. I addition, I use this certificate to access another methods published by the same company in a Visual basic application (with WSE) and I don´t have problems.
When I execute the DTSX the error "403 Forbidden" occurs and I can't execute the method. I executed the DTS in the VS2005, SQL IDE and in a batch file (.bat) too, and the same error happened.
If I use the File Monitor tool (from SysInternal, that now belongs to Microsoft) I can see that when I test the connection (in the Connection Manager used by the Web Service Task), the process accesses the certificate's private key located in the RSA folder of my certificates. But when I run the DTSX (no matters which way), it never reads the private key, it only accesses the certificate repository.
I saw that the code of the DTSX includes the certificate in Base64, but I am thinking that this code doesn't include the private key (I don't know if it would have to do it)...
Well, the fact is that I can´t use this Web Service task. I am suspecting that is a bug of the Integration Service
Thanks for the help that could bring me...
I'm putting together a demo for signing a stored procedure and I'm coming up blank as to why it is failing. Below is the code:
USE master
GO
--Create a pair of logins
CREATE LOGIN TestLogin WITH PASSWORD = 'P@55w0rd'
GO
CREATE LOGIN DummyLogin WITH PASSWORD = 'P@55w0rd'
GO
--Create a demo database
CREATE DATABASE SignatureDemo
GO
USE SignatureDemo
GO
--Create a low privileged user in the database
CREATE USER TestLogin FOR LOGIN TestLogin
GO
CREATE USER DummyLogin FOR LOGIN DummyLogin
GO
CREATE SCHEMA Test AUTHORIZATION DummyLogin
GO
--Create a dummy table and add data to it
CREATE TABLE Test.MyTable
(ID INT IDENTITY(1,1),
TestVal VARCHAR(10) NOT NULL)
GO
INSERT INTO Test.MyTable
(TestVal)
VALUES ('Test1')
GO
INSERT INTO Test.MyTable
(TestVal)
VALUES ('Test2')
GO
--Create a procedures to access test table
CREATE PROCEDURE Test.asp_Proc1
AS
SELECT ID, TestVal FROM Test.MyTable
GO
CREATE PROCEDURE dbo.asp_SignatureTest
AS
EXEC Test.asp_Proc1
GO
GRANT EXECUTE ON dbo.asp_SignatureTest TO TestLogin
GO
--Verify that TestLogin can not select from the table
EXECUTE AS LOGIN = 'TestLogin'
EXEC asp_SignatureTest
REVERT
GO
--Create a database master key
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'P@55w0rd'
GO
CREATE CERTIFICATE TestCert WITH SUBJECT = 'Test Certificate'
GO
--Sign the procedure, remove the private key, and backup to a file
ADD SIGNATURE TO Test.asp_Proc1 BY CERTIFICATE TestCert
GO
ALTER CERTIFICATE TestCert REMOVE PRIVATE KEY
GO
BACKUP CERTIFICATE TestCert TO FILE = 'TestCert.cer'
GO
--Create a user in the database mapped to the certificate
CREATE USER CertLogin FROM CERTIFICATE TestCert
GO
--Grant permissions to the user
GRANT EXECUTE ON Test.asp_Proc1 TO CertLogin
GO
--Verify that TestLogin can now select from the table (I'm still receiving an execute permissions error on Test.asp_Proc1 for some reason.)
EXECUTE AS LOGIN = 'TestLogin'
EXEC asp_SignatureTest
REVERT
GO
USE master
GO
DROP DATABASE SignatureDemo
DROP LOGIN TestLogin
DROP LOGIN DummyLogin
DROP LOGIN CertLogin
DROP CERTIFICATE TestCert
GO
Hi !
I have such a message after trying to do replication with SQL Server 2005 using custom Business Logic Handler for a Merge Article (RMO Programming).
Message Replication-Replication Merge Subsystem: agent 'job' failed. No signature was present in the subject.
I am using C# with RMO, merge replication.
Any ideas ? How to solve this problem ?
Thanks.
I created sqlexpress database and .net app, everything was fine on my local machine.
When I moved the app to my server, I detached the database with SMSS express, moved the MDF file over along with the app files and I attached to the database with SSMS to make sure everything went over ok but when I try to open a table I get the error,
SQL Execution Error
Executed statement: Select x, x, x, x,x from tblFile
Error source: .Net SqlClient Data Provider
Error Message: Access to table dbl.tblFile is blocked because the signature is not valid.
I can open the stored procedures fine by choosing modify from the context menu.
Any ideas here?
I am currently developing a project that requires a server level permission for one stored procedure (ALTER ANY LOGIN)
To this effect, I plan to create a certificate, sign the stored procedure with it, import the certificate into the master DB and assign privileges.
I also understand that modification to the code invalidates the signature (after all thats the point of signing something).
But what about user defined functions and stored procedures referenced by the signed procedure? Does SQL server follow the dependancy chain and include referenced procedures in the signature? Or does the privilege assigned to the certificate not apply when the nested procedure is executed?
If this is not the case couldn't a restricted database user just alter a nested stored procedure they have been granted ALTER access to and make themselves SA or something?
So to sum up, do you have to duplicate the functionality of otherwise nested procedures into a certificate signed procedure to protect server security?
Hi All,
I have a user who's spell check always checks her signature - is there a way to prevent this? I know how to stop it on an individual email, but I want every email she creates to automatically NOT check the signiture file.
Running - Exchange 2003 and Outlook 2003.
Thanks!
In the 70-461 objectives it says: Ensure code non regression by keeping consistent signature for procedure, views and function (interfaces); security implications...I think I understand what this means in general. They want us to be able to create a view that will still be able to call the original data even if the table is modified. In other words, the view table shouldn't easily be broken. ie, type a code that does NOT ensure non regression, then change the code so that it does ensure non regression.Â
View 4 Replies View Related