Hi I have created a Client/Server application. The Client connects remotely to the SQL 2005 server using thier unique user name and password.
The client application allows the users to update a form.
I need to add to the database a digital signature for that user when they update that form. This is intended to be a replacement for a physical signature that would appear on a paper form.
Would like to use the digital signature (i.e. PKI) from a smart card to authorize a PDF document. Is it possible to retrieve the PKI from Windows once its read in via the smart card using some sort of C++ or Java API call to apply it to the PDF form?
I€™m not sure if this is the right topic for this particular forum but here goes anyway€¦
Okay, admittedly, I am not really familiar with MS SQL Server (I€™m Oracle, actually) but I am investigating a possible implementation on a relatively small scale. I am sure that MS SQL Server will handle all the database functions I need and will leave plenty of room for future growth. That really isn€™t the issue. What I am trying to figure out is how the Digital Dashboard I€™ve read about works. Of particular concern is the apparent connection between the Dashboard and Share Point. My first question is this: Is Share Point required to use the Digital Dashboard?
My next question is actually a bit easier€¦ Is there a sample site I can access that shows some of the capabilities of a Digital Dashboard implementation? I€™d like to make sure that the kinds of displays I am trying to build are actually available using this feature€¦
Hi every body... I will thank u the help that you could bring me...
This is my problem:
I am using a Web Service Task in Integration Services for access a Web Method, this method is not mine, it is a method provided for another company. This Web Method is published in a VPN (Virtual Private Network) and it is in a secured channel (https).
The properties of the Connection Manager that the Web Service Task uses are ok. The Server URL is the address of the asmx and the client certificate is the correct. In fact when I press Test Connection, the message Test Connection Succeed is shown. If I change the certificate, a connection error occurs (403 Forbidden), this means that the client certificate and the address is ok. I addition, I use this certificate to access another methods published by the same company in a Visual basic application (with WSE) and I don´t have problems.
When I execute the DTSX the error "403 Forbidden" occurs and I can't execute the method. I executed the DTS in the VS2005, SQL IDE and in a batch file (.bat) too, and the same error happened.
If I use the File Monitor tool (from SysInternal, that now belongs to Microsoft) I can see that when I test the connection (in the Connection Manager used by the Web Service Task), the process accesses the certificate's private key located in the RSA folder of my certificates. But when I run the DTSX (no matters which way), it never reads the private key, it only accesses the certificate repository.
I saw that the code of the DTSX includes the certificate in Base64, but I am thinking that this code doesn't include the private key (I don't know if it would have to do it)...
Well, the fact is that I can´t use this Web Service task. I am suspecting that is a bug of the Integration Service
I created sqlexpress database and .net app, everything was fine on my local machine.
When I moved the app to my server, I detached the database with SMSS express, moved the MDF file over along with the app files and I attached to the database with SSMS to make sure everything went over ok but when I try to open a table I get the error,
SQL Execution Error Executed statement: Select x, x, x, x,x from tblFile Error source: .Net SqlClient Data Provider Error Message: Access to table dbl.tblFile is blocked because the signature is not valid.
I can open the stored procedures fine by choosing modify from the context menu.
I am currently developing a project that requires a server level permission for one stored procedure (ALTER ANY LOGIN)
To this effect, I plan to create a certificate, sign the stored procedure with it, import the certificate into the master DB and assign privileges.
I also understand that modification to the code invalidates the signature (after all thats the point of signing something).
But what about user defined functions and stored procedures referenced by the signed procedure? Does SQL server follow the dependancy chain and include referenced procedures in the signature? Or does the privilege assigned to the certificate not apply when the nested procedure is executed?
If this is not the case couldn't a restricted database user just alter a nested stored procedure they have been granted ALTER access to and make themselves SA or something?
So to sum up, do you have to duplicate the functionality of otherwise nested procedures into a certificate signed procedure to protect server security?
I have a user who's spell check always checks her signature - is there a way to prevent this? I know how to stop it on an individual email, but I want every email she creates to automatically NOT check the signiture file.
In the 70-461 objectives it says: Ensure code non regression by keeping consistent signature for procedure, views and function (interfaces); security implications...I think I understand what this means in general. They want us to be able to create a view that will still be able to call the original data even if the table is modified. In other words, the view table shouldn't easily be broken. ie, type a code that does NOT ensure non regression, then change the code so that it does ensure non regression.Â