This question already has an answer here:
这个问题在这里已有答案:
- Difference between a User and a Login in SQL Server 5 answers
SQL Server 5中的用户和登录之间的区别答案
What is the difference between SQL Server logins and database users, and how can I use the users inside my code for the privileges given to each user since the connection string uses the login only ?
SQL Server登录和数据库用户之间有什么区别,我如何使用我的代码中的用户获得给每个用户的权限,因为连接字符串仅使用登录?
2 个解决方案
#1
0
I think this is a very useful question. Just to add my two cents: from msdn:
我认为这是一个非常有用的问题。只是为了增加我的两分钱:来自msdn:
A login is a security principal, or an entity that can be authenticated by a secure system. Users need a login to connect to SQL Server. You can create a login based on a Windows principal (such as a domain user or a Windows domain group) or you can create a login that is not based on a Windows principal (such as an SQL Server login). Note Note
登录是安全主体,或者是可以由安全系统进行身份验证的实体。用户需要登录才能连接到SQL Server。您可以基于Windows主体(例如域用户或Windows域组)创建登录,也可以创建不基于Windows主体的登录(例如SQL Server登录)。注意注意
To use SQL Server Authentication, the Database Engine must use mixed mode authentication. For more information, see Choose an Authentication Mode.
要使用SQL Server身份验证,数据库引擎必须使用混合模式身份验证。有关更多信息,请参阅选择身份验证模式。
As a security principal, permissions can be granted to logins. The scope of a login is the whole Database Engine. To connect to a specific database on the instance of SQL Server, a login must be mapped to a database user. Permissions inside the database are granted and denied to the database user, not the login. Permissions that have the scope of the whole instance of SQL Server (for example, the CREATE ENDPOINT permission) can be granted to a login.
作为安全主体,可以向登录授予权限。登录的范围是整个数据库引擎。要连接到SQL Server实例上的特定数据库,必须将登录映射到数据库用户。数据库内的权限被授予和拒绝数据库用户,而不是登录。具有整个SQL Server实例范围的权限(例如,CREATE ENDPOINT权限)可以授予登录。
http://msdn.microsoft.com/en-us/library/aa337562.aspx#Background
#2
3
A SQL Server login stores the informations to authenticate a user at server level.
SQL Server登录存储信息以在服务器级别对用户进行身份验证。
After a user is authenticated, you might want to authorize him to use some of the databases the server hosts. You do that by mapping the login to a database user or in other word grant that login access to one or more databases.
用户通过身份验证后,您可能希望授权他使用服务器托管的某些数据库。您可以通过将登录映射到数据库用户或在其他单词授予中对一个或多个数据库进行登录访问来实现。
What privileges do you want to set by code? For example you can use SMO to administer your server or you can use Sql Statements like GRANT to change permissions.
您希望通过代码设置哪些权限?例如,您可以使用SMO来管理服务器,也可以使用GRANT等Sql语句来更改权限。
#1
0
I think this is a very useful question. Just to add my two cents: from msdn:
我认为这是一个非常有用的问题。只是为了增加我的两分钱:来自msdn:
A login is a security principal, or an entity that can be authenticated by a secure system. Users need a login to connect to SQL Server. You can create a login based on a Windows principal (such as a domain user or a Windows domain group) or you can create a login that is not based on a Windows principal (such as an SQL Server login). Note Note
登录是安全主体,或者是可以由安全系统进行身份验证的实体。用户需要登录才能连接到SQL Server。您可以基于Windows主体(例如域用户或Windows域组)创建登录,也可以创建不基于Windows主体的登录(例如SQL Server登录)。注意注意
To use SQL Server Authentication, the Database Engine must use mixed mode authentication. For more information, see Choose an Authentication Mode.
要使用SQL Server身份验证,数据库引擎必须使用混合模式身份验证。有关更多信息,请参阅选择身份验证模式。
As a security principal, permissions can be granted to logins. The scope of a login is the whole Database Engine. To connect to a specific database on the instance of SQL Server, a login must be mapped to a database user. Permissions inside the database are granted and denied to the database user, not the login. Permissions that have the scope of the whole instance of SQL Server (for example, the CREATE ENDPOINT permission) can be granted to a login.
作为安全主体,可以向登录授予权限。登录的范围是整个数据库引擎。要连接到SQL Server实例上的特定数据库,必须将登录映射到数据库用户。数据库内的权限被授予和拒绝数据库用户,而不是登录。具有整个SQL Server实例范围的权限(例如,CREATE ENDPOINT权限)可以授予登录。
http://msdn.microsoft.com/en-us/library/aa337562.aspx#Background
#2
3
A SQL Server login stores the informations to authenticate a user at server level.
SQL Server登录存储信息以在服务器级别对用户进行身份验证。
After a user is authenticated, you might want to authorize him to use some of the databases the server hosts. You do that by mapping the login to a database user or in other word grant that login access to one or more databases.
用户通过身份验证后,您可能希望授权他使用服务器托管的某些数据库。您可以通过将登录映射到数据库用户或在其他单词授予中对一个或多个数据库进行登录访问来实现。
What privileges do you want to set by code? For example you can use SMO to administer your server or you can use Sql Statements like GRANT to change permissions.
您希望通过代码设置哪些权限?例如,您可以使用SMO来管理服务器,也可以使用GRANT等Sql语句来更改权限。