Fog Creek Software
Discussion Board




Feature Request: separate SQL login

It'd be nice to be able to lock down the IIS website while having FogBUGZ itself use another account (either an SQL account or a Windows account) specifically for all SQL access, so that I don't have to go giving lots of individual people or groups rights on my SQL server.

Jim Causey
Thursday, July 25, 2002

You can/should already do this...
What you need to do is set the fogbugz virtual directory to use the correct username and password (windows) in the anonymous access settings.  Then you need to disable the "use windows authentication".  This should already be done for you though..

Michael H. Pryor
Thursday, July 25, 2002

Michael,

This will work as along as we're willing to allow anonymous access to FogBUGZ and just use its built-in authentication; however, what I'd like to do is require IIS authentication to the webpage itself, AND then NOT use those authenticated user contexts to connect to SQL Server, instead using just one user for all FogBUGZ access to SQL Server. 

From looking at the ASP code, I think this will require coding changes to FogBUGZ.

Jim Causey
Thursday, July 25, 2002

I don't think so.  You should just be able to change your ODBC_DATA_SOURCE to a connection string such as "uid=myname;pwd=mypw;driver={SQLServer}; _
server=myserver;database=pubs;dsn=''"

I'm not sure of the exact parameters, but I'm pretty sure this should work.

Michael H. Pryor
Thursday, July 25, 2002

You're right; I'm incredibly stupid.  Sorry I didn't think of this.

When I figure out the DSN syntax for that, I'll post it.

Jim Causey
Friday, July 26, 2002

If your ODBC DSN is already set up properly, here's all you have to put in BUGZ_ODBC_SOURCE to make this work:

DSN=<fogbugz_dsn>;UID=<fogbugz_uid>;PWD=<fogbugz_pwd>

Where:
<fogbugz_dsn> = DSN name for FogBUGZ
<fogbugz_uid> = SQL Server logon id with rights to the database
<fogbugz_pwd> = SQL Server logon password

Jim Causey
Friday, July 26, 2002

*  Recent Topics

*  Fog Creek Home