Why have security on Backend & Frontend

  • Thread starter Thread starter Johnson
  • Start date Start date
J

Johnson

I have never set up security on Access before
so I am asking for some explanations.
I've noticed that some people are recommending
that user level security be put on both the Back &
Front ends of a split database.
I'm curious as to why the Frontend needs security
if it is in a mde format and the backend is secure.
Does this mean that the user has to sign in twice?
I am confused...
Thanks
 
Johnson said:
I have never set up security on Access before
so I am asking for some explanations.
I've noticed that some people are recommending
that user level security be put on both the Back &
Front ends of a split database.
I'm curious as to why the Frontend needs security
if it is in a mde format and the backend is secure.
Does this mean that the user has to sign in twice?
I am confused...
Thanks
Click to expand...

Since Acces User Level Security is session based the same security
"environment" is used for both the FE and BE files (since they are both
being used in the same session). If you apply no security to the FE then
you will be opening it with (presumably) the default System.mdw file and
logging in silently as user "Admin" member of group "Users". When the FE
file attempts to open any table in the BE those same credentials will be
used and you will be denied access to the tables (if security on the BE was
done correctly).

Also since security is session based, you only log in once per session
regardless of how many files you might use during that session.
 
Thanks the quick response Rick,

So, if I understand correctly, I should apply the
exact same security to the front as I did to the back?
In other words duplicate the whole process over again?
 
Johnson said:
Thanks the quick response Rick,

So, if I understand correctly, I should apply the
exact same security to the front as I did to the back?
In other words duplicate the whole process over again?
Click to expand...

Difficult to say since I don't know what you did the first time :-)

If "the first time" involved going through the wizard and while doing so
creating a new MDW workgroup file then no, you wouldn't need to do that
since you already have a secure workgroup file.

You should be able to just open Access using the secure workgroup file that
is being used by the FE and then creating a new blank file and then
importing into it all of the objects from your existing BE. That will
ensure that all objects (including the database object) are not owned by the
default user "Admin". Then you can set permissions as required on the
tables.
 
Actually Rick, I haven't done anything yet.
I'm still looking into the best way to do this.
I have the "Access 2002 Developers Handbook Set"
The "Enterprise" edition has a good discussion of Security
but I can't find anything re security for Front & Back ends.
Can you point me in the right direction, where I might find
some good info re proper procedures for this?

Thanks
PS: What would happen if I had a UnSplit DB,
but wanted to Split it eventually.
Would I split before setting up security or vice versa.
What's recommended?
 
Johnson said:
Actually Rick, I haven't done anything yet.
I'm still looking into the best way to do this.
I have the "Access 2002 Developers Handbook Set"
The "Enterprise" edition has a good discussion of Security
but I can't find anything re security for Front & Back ends.
Can you point me in the right direction, where I might find
some good info re proper procedures for this?

Thanks
PS: What would happen if I had a UnSplit DB,
but wanted to Split it eventually.
Would I split before setting up security or vice versa.
What's recommended?
Click to expand...

I don't actually use security any more since I seldom store data in MDB files,
but I do remember that the database splitter wizard will result in a BE file
that is NOT secured even if the "all in one" file that you ran the wizard
against was already secured.

It is better in that situation to split manually by copying the monolithic file
and in one of the copies delete everything but the tables (this becomes the BE)
and in the other delete just the tables and create links to the tables in the BE
(this file is now the FE).
 
Back
Top