Hi Guys,

   I had intended to have a users table encrypted so that anybody who gets hold
of any of many freely available tools to view DBISAM tables cannot access the
table and there for user iDs and passwords.

   Well I thought it was a good idea, then I find, seemingly, that I cannot
programaticaly set the password for the table to allow a specific application
to access it at run time.  Preferably through a Password property that can be
set at run time to 'unencrypt' the table.  e.g.  TDBISAMTable.Password :=
'xyz123'  or similar.

   Is my understanding correct?  If it is, can I submit the suggestion for such a
capability?

Regards,

Ian

--

"Ian Branch" <branch@sitathome.net> wrote in message
news:EF4BB14E-3592-4AC3-A726-6B8CBD6B9A60@news.elevatesoft.com...
> Hi Guys,
>
> I had intended to have a users table encrypted so that anybody who gets
> hold
> of any of many freely available tools to view DBISAM tables cannot access
> the
> table and there for user iDs and passwords.
>
> Well I thought it was a good idea, then I find, seemingly, that I cannot
> programaticaly set the password for the table to allow a specific
> application
> to access it at run time.  Preferably through a Password property that can
> be
> set at run time to 'unencrypt' the table.  e.g.  TDBISAMTable.Password :=
> 'xyz123'  or similar.
>
> Is my understanding correct?  If it is, can I submit the suggestion for
> such a
> capability?

You mean like:

Session.AddPassword('password')

before opening any tables?

-Johnnie

> You mean like:
>
> Session.AddPassword('password')
>
> before opening any tables?

Sorry, I should have explained better. You add a TDBISAMSession component to
your application and set all of your tables to that .SessionName, then you
use the .AddPassword('') method before opening any tables.

Ian,

--
Regards,
Jan Ferguson


Ian Branch wrote:

> Hi Guys,
>
>    I had intended to have a users table encrypted so that anybody who
> gets hold of any of many freely available tools to view DBISAM tables
> cannot access the table and there for user iDs and passwords.
>
>    Well I thought it was a good idea, then I find, seemingly, that I
> cannot programaticaly set the password for the table to allow a
> specific application to access it at run time.  Preferably through a
> Password property that can be set at run time to 'unencrypt' the
> table.  e.g.  TDBISAMTable.Password := 'xyz123'  or similar.
>
>    Is my understanding correct?  If it is, can I submit the suggestion
> for such a capability?
>
> Regards,
>
> Ian

Ian

Ian

Set the password in the Database System Utility then in your
datamodule's OnCreate event call the "YourSessionName.GetPassword"
procedure. It will allow your tables access to the data in your
application while keeping them encrypted as you desire.

--
Regards,
Jan Ferguson


Ian Branch wrote:

> Hi Guys,
>
>    I had intended to have a users table encrypted so that anybody who
> gets hold of any of many freely available tools to view DBISAM tables
> cannot access the table and there for user iDs and passwords.
>
>    Well I thought it was a good idea, then I find, seemingly, that I
> cannot programaticaly set the password for the table to allow a
> specific application to access it at run time.  Preferably through a
> Password property that can be set at run time to 'unencrypt' the
> table.  e.g.  TDBISAMTable.Password := 'xyz123'  or similar.
>
>    Is my understanding correct?  If it is, can I submit the suggestion
> for such a capability?
>
> Regards,
>
> Ian

Ian

John & Jan,

   Hi Guys.  Thanks for your replies.

   If my understanding is correct, and it has been known to be faulty, the
Session Password is applicable to the whole server/database, and therefore all
of the tables, is it not?

   What I am referring to is that only one of the 76 tables is encrypted, how do
I decrypt it at run-time?

Regards,

Ian
--

Here's my understanding

The session password is applicable to the whole session. When an
encrypted table is encountered the session "submits" its passwords until
one works or until all of them have been exhausted.

Session.AddPassword('secretpassword');
Session.AddPassword('anotherpassword');
Session.AddPassword('yetanotherpassword');
Table1.Open;

Let's say Table1 is encrypted with 'yetanotherpassword'; when the table
is opened 'secretpassword' will be tried and will fail; it will then try
'anothersecretpassword' and fail; finally, it will try
'yetanotherpassword' and will be successful

~J. Lee





Ian Branch wrote:
> John & Jan,
>
>    Hi Guys.  Thanks for your replies.
>
>    If my understanding is correct, and it has been known to be faulty, the
> Session Password is applicable to the whole server/database, and therefore all
> of the tables, is it not?
>
>    What I am referring to is that only one of the 76 tables is encrypted, how do
> I decrypt it at run-time?
>
> Regards,
>
> Ian

Ian,

You can set a different password for each table, not for the entire
"server/database". If you choose to use the same password for each
table, that is up to you. I, for example, will encrypt tables with
sensitive data but will not encrypt the table which contains country
listings or states (as in United States of America) listings.

--
Regards,
Jan Ferguson


Ian Branch wrote:

> John & Jan,
>
>    Hi Guys.  Thanks for your replies.
>
>    If my understanding is correct, and it has been known to be faulty,
> the Session Password is applicable to the whole server/database, and
> therefore all of the tables, is it not?
>
>    What I am referring to is that only one of the 76 tables is
> encrypted, how do I decrypt it at run-time?
>
> Regards,
>
> Ian

Ian

Ian,

You don't need to add a session as a default session is automatically
created.  You may also want to prevent the password dialog
popping up if someone tries to access an encrypted table within
your application that has not "received" a password using
    Session.AddPassword('password')


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
// I created the following procedure and Named it Password
// it's assigned to Session.OnPassword in dbBeforeConnect
procedure TdmDataModule.Password(Sender: TObject; var Continue: Boolean);
begin
   // this routine is called whenever
   // any table is opened that does not have a
   // password added to the session
   // An error message will be displayed but the
   // default password entry will not be displayed
   continue := false;
end;

<snip>
   with session do begin
      OnPassword       := Password;  // disable default dialog

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jon

One & All,

   Thanks for the insight.  I had totally missed that subtlty about the
applicability of AddPassword.  All working now as desired.

   My thanks to all for the assisit.

Regards,

Ian



--