Application Security Using Stored Procedures

One of the advantages of stored procedures is that they can be used as a security mechanism to prevent users from dealing directly with tables. The process is very straightforward: First, create the stored procedure, and then assign execute permissions to the users on the stored procedure. Therefore, users don't need to have permissions on every object referenced by the stored procedure. For example, if you create a stored procedure that retrieves data from a certain table (using a SELECT query), you just have to grant execute permissions on the stored procedure to the users, and then they will be able to run the stored procedure (without having direct permissions on the table referenced by the stored ...

Get Microsoft® SQL Server™ 2000 Programming by Example now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.