I have the following situation: An application needs to access tables
and execute stored procedures on different databases using only one
connection if possible. To avoid highly privileged user (NT) accounts,
I want to use an application role. The only way I know to e.g. execute
queries over more than one db is to have the app role in the one and
an appropriately privileged guest account in all other databases.
However, any other application using a maybe different application
role could gain the privileges of those guest accounts, which I think
should be avoided. Is there any way around this probably well-known
dilemma? Maybe to have the same application roles defined in all
relevant databases and have those linked in a way "normal" users would
be linked via a login? Any ideas are much welcome!
Thanks in advance,