What is the best way to authenticate in the database?

Asked

Viewed 398 times

1

What is the best way to connect to the database using c#?

Create a USUARIOS table, or create a USER in the database to access?

c# database .net oracle authentication

  • Did any of the answers solve your question? Do you think you can accept one of them? Check out the [tour] how to do this, if you haven’t already. You would help the community by identifying what was the best solution for you. You can accept only one of them. But you can vote on any question or answer you find useful on the entire site (when you have enough score).

2 answers

3

There is no best way. There is the most suitable for your situation.

If you want to know which is the safest is to use database authentication, although other ways can be very safe if you do it right.

But this is not always possible. It is not always what you want. You can:

  • have anonymous access
  • have a very large amount of users
  • allow self registration
  • provide access to parts of the database that should not

finally, there are several situations that is not ideal, then a solution of its own may be more appropriate.

An immense amount of applications only makes sense to have your own user table, especially for web and mobile.

  • I understand, I am making a Desktop application c#, I have opted for authentication in the database itself, but... (I’m sure there must be) a way to keep an active connection with the database until the user leaves the application. Today I open and close the connection in a simple select for example. Is there any way? Or what is the correct name of this type of procedure? I’ve been looking for POOL but I haven’t been very successful... Thanks

  • Picking up a connection is different from connecting to the database.

  • specifically, I need to keep the database connection active, and not open and close simultaneously several times. Everything I do today, I open and close the connection. Thank you for helping me, above all.

2

For the case of user authentication I use 3 solutions depending on the case and the client;

  1. All users have their own user in sql: step in Connection string user, so it is possible to put another level of security. For example, user can not read table x
  2. All users have AD registration: Default user on Connection string and do the validation with AD;
  3. Messy: I use the Identityserver (currently in version 4) is more complicated to implement and usually only worth if you have "multiple systems" and want to authenticate everything in one place; if you have more systems everything authenticates in the same place

Browser other questions tagged c# database .net oracle authentication

You are not signed in. Login or sign up in order to post.