G
Guest
I am creating Data Pages to deploy on IIS, and have discovered an odd
security issue:
I created and joined a new System.MyDB.mdw file, and added a password to the
"ADMIN" account. Open the database, and login dialog boxes appear, and work
as expected.
However, when I use a Data Page that is configured to link to the same
database in the page connection config, the page opens the database without
invoking any login dialog. Inspecting the page reviels that it is logining
in as ADMIN with a blank password - which is expected with the default
System.mdw, but should not work now that I have joined/applied a new
System.MyDB.mdw.
Why is the Data Page able to open the DB and link to the data using login
credentials that should not be valid? How is it that the Data Page appears
to still be using the default System.mdw file? What do I need to do to have
the Data Page use the same System.MyDB.mdw file that normal use invokes?
Thanks for any/all insights!
security issue:
I created and joined a new System.MyDB.mdw file, and added a password to the
"ADMIN" account. Open the database, and login dialog boxes appear, and work
as expected.
However, when I use a Data Page that is configured to link to the same
database in the page connection config, the page opens the database without
invoking any login dialog. Inspecting the page reviels that it is logining
in as ADMIN with a blank password - which is expected with the default
System.mdw, but should not work now that I have joined/applied a new
System.MyDB.mdw.
Why is the Data Page able to open the DB and link to the data using login
credentials that should not be valid? How is it that the Data Page appears
to still be using the default System.mdw file? What do I need to do to have
the Data Page use the same System.MyDB.mdw file that normal use invokes?
Thanks for any/all insights!