How to encrypt the java application code using the 'with encryption' clause from sql server stored procedure or function.
View 3 Repliesjava code to retrieve the data returned by SQL server stored procedure which is of CURSOR VARYING OUTPUT type and display the details on console.
View 3 Replies View RelatedIn the 70-461 objectives it says: Ensure code non regression by keeping consistent signature for procedure, views and function (interfaces); security implications...I think I understand what this means in general. They want us to be able to create a view that will still be able to call the original data even if the table is modified. In other words, the view table shouldn't easily be broken. ie, type a code that does NOT ensure non regression, then change the code so that it does ensure non regression.Â
View 4 Replies View RelatedHow to encrypt the procedure in the view itself using RSA?
View 10 Replies View RelatedI am search for coding criteria I need create a stored procedure with execute as and along with encryption. How can I use the same ? My main motive is to create proc with execute as a user also at the same time I need to encrypt the same from other users seeing the code.
The below query is getting errors:
Create procedure testproc
with execute as 'user' and with encryption
as truncate table some table
Hi,
I would like to know that how can I encrypt a stored procedure, so that it can not be decrypt by me or not by any one ? I have tried using the SQL encrypt,but there is a decrypt command which decrypt the same. I do not want any one to decrypt without a password or encrypt the stored procedure so that it can never be decrypted.
Thanking you,
Regards..Jay
How might I encrypt a stored procedure in SQL server.
In sybase this is done with SP_HIDETEXT but SQL server doesn't appear to have this.
Is there another way?
Thanks,
How to encrypt the Text Of Stored Procedure
Pls Sir Give me Small Example
Yaman
Hey all,
I've got a question and after doing some research I've found only a vague reference but no clear answer.
I have a java app that will be passing parameters to my stored procedure. I'll grab the requested info from the tables but instead of sending it back to the java app that sent the request, I need to send it to a "different" java app (the second java app will not be running at the time).
Can someone point me to a good source for executing java applications from a stored procedure?
Thanks in advance ...
tam
I'm trying to use a servlet to process a form, then send that data toan SQL server stored procedure. I'm using the WebLogic 8 App. server.I am able to retrieve database information, so I know my applicationserver can talk to the database.I've determined the failure occurs when the the following statement isexecuted: cstmt.execute(); (due to the failure of println statementsplaced afterwards). I get the following error after trying to executethe stored procedure call:[Microsoft][ODBC SQL Server Driver][SQL Server]Could not find storedprocedure 'insertTheForm'The username and password i'm using to connect is a Windows user withadmin rights. It is also associated with the Odbc connection--and ofcourse is a database user..with full rights. I have executablepermissions on the stored procedure set up as well. I did a microsoftrecommended registry fix as well (for a previouserror:http://support.microsoft.com/defaul...;en-us;Q238971).Am I missing something? I posted my servlet code below.Thanks for any help!DineshformHandlingServlet.class-------------------------package showme;/** formHandlingServlet.java** Created on July 6, 2003, 7:01 PM*/import javax.servlet.*;import javax.servlet.http.*;import java.io.*;import java.sql.*;import java.text.DateFormat;/**** @author Administrator*/public class formHandlingServlet extends HttpServlet {private static final String email1 = "email";private static final String password1 = "password1";private static final String password2 = "password2";private static final String displayname = "displayname";Connection dbConn = null;// create a persistent conneciton to the SQL serverpublic void init() throws ServletException{String jdbcDriver = "sun.jdbc.odbc.JdbcOdbcDriver";String dbURL = "jdbc:odbc:Con2";String usernameDbConn = "dinesh";String passwordDbConn = "werty6969";try{Class.forName(jdbcDriver).newInstance();dbConn = DriverManager.getConnection(dbURL, usernameDbConn,passwordDbConn);}catch (ClassNotFoundException e){throw new UnavailableException("jdbc driver not found:" + dbURL);}catch (SQLException e){throw new UnavailableException("error: " + e);}catch (Exception e){throw new UnavailableException("error: " +e);}}public void doPost(HttpServletRequest request, HttpServletResponseresponse) throws ServletException, IOException{response.setContentType("text/plain");PrintWriter out = response.getWriter();//extract parameter information from register.jspString email1 = request.getParameter("email1");String password1 = request.getParameter("password1");String password2 = request.getParameter("password2");String displayname = request.getParameter("displayname");try{//make a callable statement for a stored procedure.//It has four parametersCallableStatement cstmt = dbConn.prepareCall("{call insertTheForm(?, ?, ?, ?)}");//set the values of the stored procedure's input parametersout.println("calling stored procedure . . .");cstmt.setString(1, email1);cstmt.setString(2, password1);cstmt.setString(3, password2);cstmt.setString(4, displayname);//now that the input parameters are set, we can proceed to execute theinsertTheForm stored procedurecstmt.execute();out.println("stored procedure executed");}catch (SQLException e){throw new UnavailableException("error: " + e);}}}
View 3 Replies View RelatedI am trying to insert data in a table using a stored procedure, but somehow I cannot store the values passed by the stored procedure in the table.
Table has two fields FIRST_NAME, LAST_NAME with varbinary data type(I need to encrypt the data)
My stored procedure is as follows. Please let me know what i am doing wrong!
***************************************************************
ALTER PROCEDURE [dbo].[SP_InsertInfo]
-- Add the parameters for the stored procedure here
@FIRST_NAME varBINARY(100)
,@LAST_NAME varBINARY(100)
AS
OPEN SYMMETRIC KEY key DECRYPTION BY CERTIFICATE cert
BEGIN
SET NOCOUNT ON;
-- Insert statements for procedure here
Insert into [dbo].[INFO] (FIRST_NAME, LAST_NAME)
Values ( encryptbykey( key_guid('key'),'@FIRST_NAME'),
encryptbykey( key_guid('key'),'@LAST_NAME')
)
close SYMMETRIC KEY key
END
**********************************************
EXEC sp_InsertInfo 'larry', 'Smith'
when I run the SP, the data stored in the first_name, last_name fields are @FIRST_NAME', @LAST_NAME' instead of larry, smith respectively.
Thanks
I know that we can CREATE PROCEDURE procedure_name WITH ENCRYPTION.
But how about if I want encrypt existing stored procedures?
Which command should I use ?
I created stored function with encryption.
after i created i dont able to view the source code from system tables or any tool.
i have get back the original source code
note: i want to stored function not for stored procedure.
Hi,
I'm trying to use a stored procedure to encrypt data but it dosent work fine, this is how I proceeded and that worked well
Code Snippet
CREATE PROCEDURE [dbo].[UpdateUser]
@CardNumber nvarchar(max),
@UserID int
AS
BEGIN
SET NOCOUNT ON;
DECLARE @SecretData varbinary(max)
OPEN SYMMETRIC KEY MY_SYMMETRIC_KEY
DECRYPTION BY CERTIFICATE [MY_CERTIFICATE]
DECLARE @KeyGuid AS UNIQUEIDENTIFIER
SET @KeyGuid = key_guid( 'MY_SYMMETRIC_KEY')
SET @SecretData = encryptbykey( @KeyGuid, @CardNumber)
UPDATE User
SET
CardNumber=@SecretData
Where UserID=@UserID
CLOSE SYMMETRIC KEY MY_SYMMETRIC_KEY
END
but Now I use my Stored Procedure to encrypt the data, but I'm getting bad data when I decrypt.
Code Snippet
CREATE PROCEDURE [dbo].[UpdateUser]
@CardNumber nvarchar(max),
@UserID int
AS
BEGIN
SET NOCOUNT ON;
DECLARE @SecretData varbinary(max)
exec EncryptData @CardNumber, @SecretData output
UPDATE User
SET
CardNumber=@SecretData
Where UserID=@UserID
END
Code Snippet
CREATE PROCEDURE [EncryptData]
@ClearData varchar(max),
@SecretData varbinary(max) output
WITH EXECUTE AS 'DBO'
AS
BEGIN
OPEN SYMMETRIC KEY MY_SYMMETRIC_KEY
DECRYPTION BY CERTIFICATE [MY_CERTIFICATE]
DECLARE @KeyGuid AS UNIQUEIDENTIFIER
SET @KeyGuid = key_guid( 'MY_SYMMETRIC_KEY')
SET @SecretData = encryptbykey( @KeyGuid, @ClearData)
CLOSE SYMMETRIC KEY My_SYMMETRIC_KEY
END
Any Idea how to fix this issue
Thanks in advance.
in my java application I've made a call to this stored procedureCREATE procedure pruebaICM@pANI varchar(20),@pTABLA varchar(20),@pInsert varchar(500),@pUpdate varchar(1000),@pFLAG varchar(1),@pResultado int OUTPUTasbeginDECLARE @ani varchar(20)declare @cliente intDECLARE @sentencia nvarchar(1000)DECLARE @tabla nvarchar(20)DECLARE @sentencia_where nvarchar(50)DECLARE @sql nvarchar(1050)SET NOCOUNT ONset @tabla = @pTABLAset @ani = @pANISELECT @sql= N'select @cliente=count(ani) from '+ @tabla + N' whereani = ' + @aniexec sp_executesql @sql, N'@Cliente INT OUTPUT', @Cliente OUTPUTSELECT @Clienteif (@pFLAG = 'A') or (@pFLAG = 'Actualizar') or (@pFLAG = 'I')beginif (@cliente = 0)beginset @sentencia = N'insert into ' +@pTABLA + N' values (' + @pInsert + N')'EXEC sp_executesql @sentenciaset @pResultado = 1SELECT @pResultadoreturn @pResultadoendif (@cliente = 1)beginset @sentencia = N'update ' + @pTABLA +N' set ' + @pUpdateset @sentencia_where = N' where ANI =' + @pANIset @sql = @sentencia +@sentencia_whereEXEC sp_executesql @sqlset @pResultado = 2SELECT @pResultadoreturn @pResultadoendendelse if (@pFLAG = 'B') or (@pFLAG = 'Borrar')beginif (@cliente = 0)beginset @pResultado = 0SELECT @pResultadoreturn @pResultadoendelse if (@cliente = 1)beginset @sentencia = N'delete from '+@pTABLA + N' where ANI = ' + @pANIEXEC sp_executesql @sentenciaset @pResultado = 3SELECT @pResultadoreturn @pResultadoendendEXEC sp_cursorcloseendMy problem is that the ouutput param @pResultado haven't got any valueand don't return anything to the java application. How can I fix thisproblem?Thanka very much for helping me!!!!
View 2 Replies View RelatedHow to pass value for the “in� clause in the SQL server stored procedure? Let us consider the following code.
declare @Country varchar(200)
set @CountryIds='1,11'
select CountryName from COUNTRY where CountryId in (@CountryIds)
GO
In the above code, the lists of country ids are needed to feed from the front end. In the above example, we need to select countries for 1 and 11. So, how to pass this from front end and what will be the data type of the parameter. I am using front end as .Net. Please help in this regard. The stored procedure what I wrote was.
CREATE PROCEDURE [cmp].[Events_By_Country]
@CountryIds varchar(200)
AS
select CountryName from COUNTRY where CountryId in (@CountryIds)
GO
Which is not working.
We have to encrypt one of the SQL Server column data at the database level, we don’t want to modify the application programs, because we use ERP application and we don’t want to reapply our customization very few months, so we are looking for an option  to encrypt and decrypt the column level data value using trigger/procedure/function,  I used instead of trigger on that table to encrypt and decrypt the values but it is not working, we want only one user(Application Service account) have an ability to encrypt and decrypt the data, not for any other id.. I read somewhere we cannot automatically encrypt/decrypt the column value using trigger, is that true...
View 5 Replies View RelatedI have created two user defined functions for encryption and decryption using passphrase mechanism. When I call encryption function, each time I am getting the different values for the same input. While I searching a particular value, it takes long time to retrieve due to calling decryption function for each row.
best way to encrypt and decrypt using user defined functions.Below is the query which is taking long time.
SELECT ID FROM table WITH (NOLOCK)
                    WHERE dbo.DecodeFunction(column) = 'value'
When I try to use symetric or asymetric encryption, I am not able to put "OPEN SYMETRIC KEY" code in a function. So, I am using PassPhrase mechanism.
Hi
How Can I Generating wrapper code for SQL Server Stored Procedure ??
If You will Go To The Following link you will see an example for Generating wrapper code for Oracle Database .. And Also the author say there is built in tool for Generating wrapper code for SQL Server
http://www.codeproject.com/vb/net/OracleSPWrapper.asp
my question .. where is this tools ???
and thanks with my regarding
Fraas
All:
I have created a stored procedure on SQL server that does an Insert else Update to a table. The SP starts be doing "IF NOT EXISTS" check at the top to determine if it should be an insert or an update.
When i run the stored procedure directly on SQL server (Query Analyzer) it works fine. It updates when I pass in an existing ID#, and does an insert when I pass in a NULL to the ID#.
When i run the exact same logic from my aspx.vb code it keeps inserting the data everytime! I have debugged the code several times and all the parameters are getting passed in as they should be? Can anyone help, or have any ideas what could be happening?
Here is the basic shell of my SP:
CREATE PROCEDURE [dbo].[spHeader_InsertUpdate]
@FID int = null OUTPUT,@FLD1 varchar(50),@FLD2 smalldatetime,@FLD3 smalldatetime,@FLD4 smalldatetime
AS
Declare @rtncode int
IF NOT EXISTS(select * from HeaderTable where FormID=@FID)
Begin begin transaction
--Insert record Insert into HeaderTable (FLD1, FLD2, FLD3, FLD4) Values (@FLD1, @FLD2, @FLD3,@FLD4) SET @FID = SCOPE_IDENTITY(); --Check for error if @@error <> 0 begin rollback transaction select @rtncode = 0 return @rtncode end else begin commit transaction select @rtncode = 1 return @rtncode end endELSE
Begin begin transaction
--Update record Update HeaderTable SET FLD2=@FLD2, FLD3=@FLD3, FLD4=@FLD4 where FormID=@FID;
--Check for error if @@error <> 0 begin rollback transaction select @rtncode = 0 return @rtncode end else begin commit transaction select @rtncode = 2 return @rtncode end
End---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Thanks,
Blue.
All --
Please help.
I am using managed code in SQL Server 2005 and have a question about stored procedure name qualification.
With a VS.NET 2005 Pro Database project, when I use >Build, >DeploySolution, it works great but my stored procedures are named with qualification using my domainusername.ProcName convention, something like this...
XYZ_TECHKamoskiM.GetData
...when I want them to be named with the dbo.ProcName convention, something like this...
dbo.GetData
...and I cannot see where this can be changed.
Do you happen to know?
Please advise.
(BTW, I have tried going to this setting >Project, >Properties, >Database, >AssemblyOwner, and putting in the value "dbo" but that does not do what I want.)
(BTW, as a workaround, I have simply scripted the procedures, so that I can drop them and then add them back with the right names-- but, that is a bit tedious and wasted effort, IMHO.)
Thank you.
-- Mark Kamoski
I have a stored procedure with several insert into statements. On occasion one of the insert into queries doesn't return any data. What is the best way to test for no records then, skip that query?
View 5 Replies View RelatedJahnavi writes "I have some logic for Encryption and Decryption following the Serialization and Deserialization of an object.
I would like to move this approach to CLR stored procedures to leverage the advantages in SQL 2005.
Could you please provide me with the details of the pros and cons of the approach and the various possibilities over this.
Would be glad to receive any kind of inputs from you.
Thanks,
Jahnavi"
Hi, I created the stored procedure with encryption and now I want to see the same procedure but I am not able to see the text of procedure with SP_HELPTEXT command. Please help so that I could see my stored procedure with sp_helptext command. Thanks.
My command was:
sp_helptext dm_sp_Outstanding_Events
Error message:
The text for object 'dm_sp_Outstanding_Events' is encrypted.
Hi,
I would like to create a stored procedure, which accept RunAsUser, MasterKeyPassword and also ASymmetricKeyPassword. In this stored procedure, it call OPEN MASTER KEY and etc. I put these code in stored procedure so that my support staff can call it when doing maintenance by passing the parameter. I don't expect them to remember OPEN MASTER KEY and etc syntax.
However, I hit error "Invalid Syntax" when I run my code as below. Any ideas?
Thank you
-- ================================================
-- Template generated from Template Explorer using:
-- Create Procedure (New Menu).SQL
--
-- Use the Specify Values for Template Parameters
-- command (Ctrl-Shift-M) to fill in the parameter
-- values below.
--
-- This block of comments will not be included in
-- the definition of the procedure.
-- ================================================
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- =============================================
-- Author: <Author,,Name>
-- Create date: <Create Date,,>
-- Description: <Description,,>
-- =============================================
CREATE PROCEDURE GrantMe
-- Add the parameters for the stored procedure here
@RunAsUser varchar(20), @MasterKey varchar(30), @ASKey varchar(30)
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
EXEC AS USER=@RunAsUser;
OPEN MASTER KEY DECRYPTION BY PASSWORD=@MasterKey;
OPEN SYMMETRIC KEY HRMS
DECRYPTION BY ASYMMETRIC KEY FlexHRMS WITH PASSWORD=@AsKey ;
END
GO
I need a simple anf functionally CRUD Stored Procedure Code/Scripts Generator.
Anyone have a solution?
Thanks in Advance.
Any better way to query SQL 2012 to display the code of a stored proc to a single line. I'm trying to write a script to insert the contents of the procs between my devestprod environments. So people can query a single table for any proc that is different between environments. At the moment I am using the syscomments view and the text column but the problem here is if you get a lengthy proc it cuts it up into multiple rows.
I can get around it by converting the text to a varchar(max) and outer joining the query, but as you can see by my code below I have to try and guess what the maximum number of rows I'm going to get back for my largest proc. If someone adds a new one that returns 8 rows I'm going to miss it with this query.
Select col1.[type],col1.[name],convert(varchar(max),col1.text) + isnull(convert(varchar(max),col2.Text),'')
+ isnull(convert(varchar(max),col3.Text),'')
+ isnull(convert(varchar(max),col4.Text),'')
+ isnull(convert(varchar(max),col5.Text),'')
+ isnull(convert(varchar(max),col6.Text),'')
+ isnull(convert(varchar(max),col7.Text),'')
[Code] .....
Hello,
I'm using ASP.Net to update a table which include a lot of fields may be around 30 fields, I used stored procedure to update these fields. Unfortunatily I had to use a FormView to handle some TextBoxes and RadioButtonLists which are about 30 web controls.
I 've built and tested my stored procedure, and it worked successfully thru the SQL Builder.The problem I faced that I have to define the variable in the stored procedure and define it again the code behind againALTER PROCEDURE dbo.UpdateItems
(
@eName nvarchar, @ePRN nvarchar, @cID nvarchar, @eCC nvarchar,@sDate nvarchar,@eLOC nvarchar, @eTEL nvarchar, @ePhone nvarchar,
@eMobile nvarchar, @q1 bit, @inMDDmn nvarchar, @inMDDyr nvarchar, @inMDDRetIns nvarchar,
@outMDDmn nvarchar, @outMDDyr nvarchar, @outMDDRetIns nvarchar, @insNo nvarchar,@q2 bit, @qper2 nvarchar, @qplc2 nvarchar, @q3 bit, @qper3 nvarchar, @qplc3 nvarchar,
@q4 bit, @qper4 nvarchar, @pic1 nvarchar, @pic2 nvarchar, @pic3 nvarchar, @esigdt nvarchar, @CCHName nvarchar, @CCHTitle nvarchar, @CCHsigdt nvarchar, @username nvarchar,
@levent nvarchar, @eventdate nvarchar, @eventtime nvarchar
)
AS
UPDATE iTrnsSET eName = @eName, cID = @cID, eCC = @eCC, sDate = @sDate, eLOC = @eLOC, eTel = @eTEL, ePhone = @ePhone, eMobile = @eMobile,
q1 = @q1, inMDDmn = @inMDDmn, inMDDyr = @inMDDyr, inMDDRetIns = @inMDDRetIns, outMDDmn = @outMDDmn,
outMDDyr = @outMDDyr, outMDDRetIns = @outMDDRetIns, insNo = @insNo, q2 = @q2, qper2 = @qper2, qplc2 = @qplc2, q3 = @q3, qper3 = @qper3,
qplc3 = @qplc3, q4 = @q4, qper4 = @qper4, pic1 = @pic1, pic2 = @pic2, pic3 = @pic3, esigdt = @esigdt, CCHName = @CCHName,
CCHTitle = @CCHTitle, CCHsigdt = @CCHsigdt, username = @username, levent = @levent, eventdate = @eventdate, eventtime = @eventtime
WHERE (ePRN = @ePRN)
and the code behind which i have to write will be something like thiscmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@eName", ((TextBox)FormView1.FindControl("TextBox1")).Text);cmd.Parameters.AddWithValue("@ePRN", ((TextBox)FormView1.FindControl("TextBox2")).Text);
cmd.Parameters.AddWithValue("@cID", ((TextBox)FormView1.FindControl("TextBox3")).Text);cmd.Parameters.AddWithValue("@eCC", ((TextBox)FormView1.FindControl("TextBox4")).Text);
((TextBox)FormView1.FindControl("TextBox7")).Text = ((TextBox)FormView1.FindControl("TextBox7")).Text + ((TextBox)FormView1.FindControl("TextBox6")).Text + ((TextBox)FormView1.FindControl("TextBox5")).Text;cmd.Parameters.AddWithValue("@sDate", ((TextBox)FormView1.FindControl("TextBox7")).Text);
cmd.Parameters.AddWithValue("@eLOC", ((TextBox)FormView1.FindControl("TextBox8")).Text);cmd.Parameters.AddWithValue("@eTel", ((TextBox)FormView1.FindControl("TextBox9")).Text);
cmd.Parameters.AddWithValue("@ePhone", ((TextBox)FormView1.FindControl("TextBox10")).Text);
cmd.Parameters.AddWithValue("@eMobile", ((TextBox)FormView1.FindControl("TextBox11")).Text);
So is there any way to do it better than this way ??
Thank you
I could identify the last or all stored procedure, which was performed on a database, +/- something similar to what the profile of sql server identifies as below ?
View 2 Replies View RelatedI linked MS SQL and MySQL and i would like to have insert trigger on MySQL to import certain fields every time when there's new entry.
View 5 Replies View RelatedMy MS-SQL 2000 Database have 50 more Stored Procedure .How to FAST and EASY ENCRYPTION ALL Stored Procedure in my MS-SQLDatabase?
View 1 Replies View RelatedI am having table on which i want to fire a query on.
table structure is as follows :
Table1Â
Table1ID Â Â bigint PK
City  nvarchar(10)
FirstName  nvarchar(10)
LastName  nvarchar(10)
MiddleName  nvarchar(10)
State  nvarchar(10)
FirstName  nvarchar(10)
LastName  nvarchar(10)
LLDCode    nvarchar(20)
MMDCode   nvarchar(20)
LastModified   datetime
CreatedDateTime    datetime
LastUpdatedDateTime    datetime
SSN# Â nvarchar(20)
I have to write a parameterised stored procedure where multiple values will be pass as input to SP.
E:g: Â 1) SSN# if no record found by SSN# then 2) Find by LLDCode OR MMDCode
This logic can be implemented using UNION to join output of 2 queries and selecting by LastUpdatedDateTime this query will return the Table1ID.
Now we will fire the query on table2 where this Table1ID as FK in Table2 and we will return the filed SSXML from Table2.How to do this ?
Table2 structure.
Table2ID PK
Table1ID FK
Name
Department
SSXML
As in some of the databases stored procedures can be written in java. Java stored procedures run into inbuilt JVM of database.Does SQL server provides any support for writing stored procedures in java.Is there any inbuilt JVM in SQL server.
View 1 Replies View Related