RDS Handlers


Now that you've seen what RDS has to offer, you might be a little nervous about security. With the DataControl or DataFactory object, a user could access your database by simply submitting any connection string and any query string. If that doesn't scare you, consider the queries that a user could submit:

    SELECT * FROM Employees
    UPDATE Employees SET Salary = 1000000 WHERE EmployeeID = 42275
    DELETE FROM Employees WHERE EmployeeID = 1
    DROP TABLE Employees
    DROP DATABASE MyBusiness

Now do you care?

NOTE
Of course, you don't have to worry about queries like these because you've set up a secure database. A user could never submit queries like these unless he or she had the appropriate privileges, right?

To help tighten the security of your RDS applications, you can use a handler. RDS includes a simple handler in the form of an .ini file that lets you control access to connections, queries, and logging errors. This file is MSDFMap.ini, and its contents might look something like this:

    [connect default]
    ;Do not allow access to connections that don't have an entry in the
    ; handler.
    Access=NoAccess

    [connect CustomerDatabase]
    ;Allow read/write access to the customer database
    ; by substituting the connection string below.
    Access=ReadWrite
    Connect="Provider=SQLOLEDB;Data Source=ScepHome;Initial Catalog=Northwind;User ID=RDSUser;Password=RDSPassword;"

    [sql default]
    ;Do not allow access to queries that don't have an entry in the handler
    ; by supplying any invalid query.
    sql="InvalidQuery"

    [sql GetAllCustomers]
    ;Allow access to the customer table with the query below.
    sql="SELECT * FROM Customers"

    [sql GetACustomer]
    ;Allow access to the customer table with the parameterized query below.
    sql="SELECT * FROM Customers WHERE CustomerID = ?"

NOTE
There's more information on the options available for the MSDFMap.ini file in the Data Access Services portion of the Platform SDK. Look for the topic "Understanding the Customization File."

If you use this handler with your RDS code, you must supply a connection string and query string from the lists in the file (CustomerDatabase, GetAllCustomers, and so on). To retrieve a specific customer with RDS and this handler, use this code:

    With DataControl
        .Server = "http://MyServer"
        .Handler = "MSDFMap.Handler"
        .Connect = "CustomerDatabase"
        .SQL = "GetACustomer('ALFKI')"
        .Refresh
    End With

Notice that you're using a parameterized query and treating it almost the same way you would a function by supplying the customer's name—including the string delimiter—as a parameter to that function.
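As an added example (not the book's code and not Microsoft's handler implementation), here is a small Python model of what the customization file above enforces: the client's .Connect and .SQL tokens from the DataControl snippet are resolved against the allow-list, names without an entry fall through to the default sections, and argument values such as 'ALFKI' are only ever bound as parameters to the query stored in the file. The file contents are a constructed copy of the MSDFMap.ini example above; the parsing details are assumptions made for this illustration.

```python
import configparser
import csv
import re

# Constructed stand-in for the MSDFMap.ini shown above (assumption for this
# example, not the file shipped with MDAC); credentials live only here.
HANDLER_INI = """
[connect default]
Access=NoAccess
[connect CustomerDatabase]
Access=ReadWrite
Connect="Provider=SQLOLEDB;Data Source=ScepHome;Initial Catalog=Northwind;User ID=RDSUser;Password=RDSPassword;"
[sql default]
sql="InvalidQuery"
[sql GetAllCustomers]
sql="SELECT * FROM Customers"
[sql GetACustomer]
sql="SELECT * FROM Customers WHERE CustomerID = ?"
"""
# Client-side .SQL string: Name or Name(arg, ...), as in GetACustomer('ALFKI').
CALL_RE = re.compile(r"^\s*(\w+)\s*(?:\((.*)\))?\s*$", re.DOTALL)

def load_handler(text=HANDLER_INI):
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep Access/Connect/sql keys as written
    cp.read_string(text)
    return cp

def resolve_connect(cp, name):
    """Map the client's .Connect token to the server-side connection string."""
    section = f"connect {name}" if cp.has_section(f"connect {name}") else "connect default"
    if cp.get(section, "Access", fallback="NoAccess") == "NoAccess":
        raise PermissionError(f"connection {name!r} not allowed by the handler")
    return cp.get(section, "Connect").strip('"')

def resolve_sql(cp, client_sql):
    """Map the client's .SQL token to (query template, bound parameters).
    The statement text comes from the file; the client only picks a name
    and supplies values, so values can never change the statement."""
    m = CALL_RE.match(client_sql)
    if not m:  # free-form SQL such as DROP TABLE never matches a name
        raise ValueError(f"not a handler query: {client_sql!r}")
    name, arglist = m.group(1), m.group(2)
    params = next(csv.reader([arglist], quotechar="'", skipinitialspace=True)) if arglist else []
    section = f"sql {name}" if cp.has_section(f"sql {name}") else "sql default"
    template = cp.get(section, "sql").strip('"')
    if template.count("?") != len(params):
        raise ValueError(f"{name} takes {template.count('?')} parameter(s), got {len(params)}")
    return template, params
```

A request for an unlisted query name resolves to the default section's "InvalidQuery", which the database then rejects, exactly as the file's comment describes.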

The Data Access portion of the Platform SDK covers RDS handlers at length. You'll find documentation on which features are available in the connect, sql, userlist, and logs sections of the DataFactory handler (also called a customization file). The SDK also shows how you can build your own customized handler objects in Visual Basic and Visual C++.

If you plan to use a handler other than the MSDFMap.ini file, be sure that you check the SDK to see how to mark the handler as "safe for scripting" to ensure secure Internet access.

If you want to force all RDS code to use a handler in order to prevent users from running any query against any database, you can place the following entry in the specified key in the Microsoft Windows Registry for your IIS server:

    HandlerRequired=1
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo

In fact, to tighten security, Windows 2000 automatically places this entry in the Registry when you install it. This means that by default, you cannot use the RDS DataControl or RDSServer DataFactory object with Windows 2000 without specifying a handler. You can manually change the Registry key to HandlerRequired=0 in order to remove this restriction.

Installing MDAC 2.5 on a machine running Microsoft Windows NT 4 will not impose this restriction.



Programming ADO
Programming Microsoft® ADO.NET 2.0 Core Reference
ISBN: B002ECEFQM
EAN: N/A
Year: 2000
Pages: 131
Authors: David Sceppa
