EXECUTE permission denied on object... uh?

Discussion in 'ASP .Net' started by Jiggaz, Jul 7, 2004.

  1. Jiggaz

    Jiggaz Guest

    Hi,

    In my ASPX Page, i have a form for signup. And whene user
    click on the button, the event Button1_Click must use a
    stored procedure.
    But instead of use stored proc, i get this exception :
    _____
    System.Data.SqlClient.SqlException: EXECUTE permission
    denied on object 'CreateAccount', database 'wizou', schema
    'dbo'. at
    System.Data.SqlClient.SqlConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.SqlInternalConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject
    stateObj) at
    System.Data.SqlClient.TdsParser.Run(RunBehavior
    runBehavior, SqlCommand cmdHandler, SqlDataReader
    dataStream, BulkCopySimpleResultSet bulkCopyHandler,
    TdsParserStateObject stateObj) at
    System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader
    ds, RunBehavior runBehavior, String resetOptionsString) at
    System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior
    cmdBehavior, RunBehavior runBehavior, Boolean returnStream,
    String method, DbAsyncResult result) at
    System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult
    result) at
    System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at
    Signup.Button1_Click(Object sender, EventArgs e) in
    c:\Inetpub\wwwroot\wizou\Signup.aspx.cs:line 114
    _____


    AND MY CODE IS :
    SqlCommand myCommand = new SqlCommand();
    String strCnx =
    ConfigurationSettings.ConnectionStrings["AppCnxStr"].ConnectionString.ToString();
    myCommand.Connection = new SqlConnection(strCnx);
    myCommand.Connection.Open();

    myCommand.CommandType = CommandType.StoredProcedure;
    myCommand.CommandText = "CreateAccount";

    SqlParameter myNickname = new SqlParameter("@Nickname",
    SqlDbType.NVarChar, 30);
    myNickname.Value = boxLogin.Text;
    myCommand.Parameters.Add(myNickname);

    SqlParameter myPassword = new SqlParameter("@Password",
    SqlDbType.NVarChar, 15);
    myPassword.Value = boxPwd.Text;
    myCommand.Parameters.Add(myPassword);

    ....

    myCommand.ExecuteNonQuery();
    System.Web.Security.FormsAuthentication.SetAuthCookie(boxLogin.Text,
    true);
    Response.Redirect("/Signup.aspx?action=Complete");
    _______________________

    Regards.
     
    Jiggaz, Jul 7, 2004
    #1
    1. Advertisements

  2. The error is coming from your SQ Server. Whatever user account your app is
    connecting with doesn't have permission to execute the Stored Procedure
    mentioned in the message. It's not your code. It's database permissions.

    --
    HTH,
    Kevin Spencer
    ..Net Developer
    Microsoft MVP
    Big things are made up
    of lots of little things.

    Hi,

    In my ASPX Page, i have a form for signup. And whene user
    click on the button, the event Button1_Click must use a
    stored procedure.
    But instead of use stored proc, i get this exception :
    _____
    System.Data.SqlClient.SqlException: EXECUTE permission
    denied on object 'CreateAccount', database 'wizou', schema
    'dbo'. at
    System.Data.SqlClient.SqlConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.SqlInternalConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObjec
    t
    stateObj) at
    System.Data.SqlClient.TdsParser.Run(RunBehavior
    runBehavior, SqlCommand cmdHandler, SqlDataReader
    dataStream, BulkCopySimpleResultSet bulkCopyHandler,
    TdsParserStateObject stateObj) at
    System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader
    ds, RunBehavior runBehavior, String resetOptionsString) at
    System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior
    cmdBehavior, RunBehavior runBehavior, Boolean returnStream,
    String method, DbAsyncResult result) at
    System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult
    result) at
    System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at
    Signup.Button1_Click(Object sender, EventArgs e) in
    c:\Inetpub\wwwroot\wizou\Signup.aspx.cs:line 114
    _____


    AND MY CODE IS :
    SqlCommand myCommand = new SqlCommand();
    String strCnx =
    ConfigurationSettings.ConnectionStrings["AppCnxStr"].ConnectionString.ToStri
    ng();
    myCommand.Connection = new SqlConnection(strCnx);
    myCommand.Connection.Open();

    myCommand.CommandType = CommandType.StoredProcedure;
    myCommand.CommandText = "CreateAccount";

    SqlParameter myNickname = new SqlParameter("@Nickname",
    SqlDbType.NVarChar, 30);
    myNickname.Value = boxLogin.Text;
    myCommand.Parameters.Add(myNickname);

    SqlParameter myPassword = new SqlParameter("@Password",
    SqlDbType.NVarChar, 15);
    myPassword.Value = boxPwd.Text;
    myCommand.Parameters.Add(myPassword);

    ....

    myCommand.ExecuteNonQuery();
    System.Web.Security.FormsAuthentication.SetAuthCookie(boxLogin.Text,
    true);
    Response.Redirect("/Signup.aspx?action=Complete");
    _______________________

    Regards.
     
    Kevin Spencer, Jul 7, 2004
    #2
    1. Advertisements

  3. Jiggaz

    Hans Kesting Guest


    This means that the useraccount that is used to connect to SqlServer
    has no execute permissions on the stored procedure "CreateAccount".
    What user do you use? Do you specify it in the connectionstring
    or do you use "windows authentication"?
    (if windows authentication, then it's probably "ASPNET")

    Check if that user really has execute permission on this SP.

    Hans Kesting
     
    Hans Kesting, Jul 7, 2004
    #3
  4. Jiggaz

    Jiggaz Guest

    I have SQL Server 2005, there is no sql management :/
    if u know them, gimme se sql commands that i could execute
    with SQLCMD.exe

    Regards.
     
    Jiggaz, Jul 7, 2004
    #4
  5. Jiggaz

    Jiggaz Guest

    I use this string :
    <connectionStrings>
    <add name="AppCnxStr"
    connectionString="Server=KLEO\SQLEXPRESS;Integrated
    Security=True;Database=wizou"
    providerName="System.Data.SqlClient" />
    </connectionStrings>

    And how can i authorize user KLEO\ASPNET to execute Stored
    Procedures?

    Regards.
    message news:28b1c01c46419$6faff8e0$...
     
    Jiggaz, Jul 7, 2004
    #5
  6. Open Enterprise Manager for SQL Server. Right click on the stored procedure
    in question. Make sure the user in your conn string is allowed to EXECUTE
    the proc.

    NOTE: If you are using integrated security, you will have to have the
    Windows group, with this user account (yours?) as the group that has EXECUTE
    rights.

    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    ************************************************
    Think Outside the Box!
    ************************************************
    Hi,

    In my ASPX Page, i have a form for signup. And whene user
    click on the button, the event Button1_Click must use a
    stored procedure.
    But instead of use stored proc, i get this exception :
    _____
    System.Data.SqlClient.SqlException: EXECUTE permission
    denied on object 'CreateAccount', database 'wizou', schema
    'dbo'. at
    System.Data.SqlClient.SqlConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.SqlInternalConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObjec
    t
    stateObj) at
    System.Data.SqlClient.TdsParser.Run(RunBehavior
    runBehavior, SqlCommand cmdHandler, SqlDataReader
    dataStream, BulkCopySimpleResultSet bulkCopyHandler,
    TdsParserStateObject stateObj) at
    System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader
    ds, RunBehavior runBehavior, String resetOptionsString) at
    System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior
    cmdBehavior, RunBehavior runBehavior, Boolean returnStream,
    String method, DbAsyncResult result) at
    System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult
    result) at
    System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at
    Signup.Button1_Click(Object sender, EventArgs e) in
    c:\Inetpub\wwwroot\wizou\Signup.aspx.cs:line 114
    _____


    AND MY CODE IS :
    SqlCommand myCommand = new SqlCommand();
    String strCnx =
    ConfigurationSettings.ConnectionStrings["AppCnxStr"].ConnectionString.ToStri
    ng();
    myCommand.Connection = new SqlConnection(strCnx);
    myCommand.Connection.Open();

    myCommand.CommandType = CommandType.StoredProcedure;
    myCommand.CommandText = "CreateAccount";

    SqlParameter myNickname = new SqlParameter("@Nickname",
    SqlDbType.NVarChar, 30);
    myNickname.Value = boxLogin.Text;
    myCommand.Parameters.Add(myNickname);

    SqlParameter myPassword = new SqlParameter("@Password",
    SqlDbType.NVarChar, 15);
    myPassword.Value = boxPwd.Text;
    myCommand.Parameters.Add(myPassword);

    ....

    myCommand.ExecuteNonQuery();
    System.Web.Security.FormsAuthentication.SetAuthCookie(boxLogin.Text,
    true);
    Response.Redirect("/Signup.aspx?action=Complete");
    _______________________

    Regards.
     
    Cowboy \(Gregory A. Beamer\) [MVP], Jul 7, 2004
    #6
  7. It is an SQL Server message. With database management tools make sure the
    user you are logging on as has execute permissions.

    Eliyahu

    Hi,

    In my ASPX Page, i have a form for signup. And whene user
    click on the button, the event Button1_Click must use a
    stored procedure.
    But instead of use stored proc, i get this exception :
    _____
    System.Data.SqlClient.SqlException: EXECUTE permission
    denied on object 'CreateAccount', database 'wizou', schema
    'dbo'. at
    System.Data.SqlClient.SqlConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.SqlInternalConnection.OnError(SqlException
    exception, TdsParserState state) at
    System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObjec
    t
    stateObj) at
    System.Data.SqlClient.TdsParser.Run(RunBehavior
    runBehavior, SqlCommand cmdHandler, SqlDataReader
    dataStream, BulkCopySimpleResultSet bulkCopyHandler,
    TdsParserStateObject stateObj) at
    System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader
    ds, RunBehavior runBehavior, String resetOptionsString) at
    System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior
    cmdBehavior, RunBehavior runBehavior, Boolean returnStream,
    String method, DbAsyncResult result) at
    System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult
    result) at
    System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at
    Signup.Button1_Click(Object sender, EventArgs e) in
    c:\Inetpub\wwwroot\wizou\Signup.aspx.cs:line 114
    _____


    AND MY CODE IS :
    SqlCommand myCommand = new SqlCommand();
    String strCnx =
    ConfigurationSettings.ConnectionStrings["AppCnxStr"].ConnectionString.ToStri
    ng();
    myCommand.Connection = new SqlConnection(strCnx);
    myCommand.Connection.Open();

    myCommand.CommandType = CommandType.StoredProcedure;
    myCommand.CommandText = "CreateAccount";

    SqlParameter myNickname = new SqlParameter("@Nickname",
    SqlDbType.NVarChar, 30);
    myNickname.Value = boxLogin.Text;
    myCommand.Parameters.Add(myNickname);

    SqlParameter myPassword = new SqlParameter("@Password",
    SqlDbType.NVarChar, 15);
    myPassword.Value = boxPwd.Text;
    myCommand.Parameters.Add(myPassword);

    ....

    myCommand.ExecuteNonQuery();
    System.Web.Security.FormsAuthentication.SetAuthCookie(boxLogin.Text,
    true);
    Response.Redirect("/Signup.aspx?action=Complete");
    _______________________

    Regards.
     
    Eliyahu Goldin, Jul 7, 2004
    #7
  8. You have some choices to make.

    1. Allow ASPNET access. Fine for non-production databases, but a potential
    security problem.
    2. Switch to mixed mode security and create a conn string with a user.
    3. Create a thread that accesses using another account
    4. Set up impersonation in your ASP.NET app and give your account rights

    For now, the easiest to explain is #1 (realize not the best long-term
    option):
    Open SQLCMD
    Best to ask about linking the account in the SQL Server groups. If this is
    ASP .NET 2.0, best to post in privatenews.microsoft.com, using the
    instructions on the beta groups in the Visual Studio 2005:

    http://lab.msdn.microsoft.com/vs2005/

    There is a great walkthrough for Visual Web Dev that includes how to connect
    to SQL Server 2005 Express.
    http://beta.asp.net/GuidedTour/s2.aspx


    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    ************************************************
    Think Outside the Box!
    ************************************************
     
    Cowboy \(Gregory A. Beamer\) [MVP], Jul 7, 2004
    #8
  9. See my answer to your repost after Hans Kesting's response. That should be
    enough.

    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    ************************************************
    Think Outside the Box!
    ************************************************
    I have SQL Server 2005, there is no sql management :/
    if u know them, gimme se sql commands that i could execute
    with SQLCMD.exe

    Regards.
     
    Cowboy \(Gregory A. Beamer\) [MVP], Jul 7, 2004
    #9
  10. Jiggaz

    Joined:
    Feb 17, 2014
    Messages:
    3
    Likes Received:
    0
    Location:
    Bangalore , India
    Quick fix is : Syntax : GRANT EXECUTE ON xp_cmdshell TO [Domain\User]
     
    , Feb 17, 2014
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.