344
be in any form or location. For example, the data may be in a typical database management system such as SQL Server, or it may be distributed around the world and accessed via web services. The
data provider shields the data consumer from having to know how to reach the data. In ADO.NET, data providers are referred to as managed providers.
A data consumer is an application that uses the services of a data provider for the purposes of storing, retrieving, and manipulating data. A customer-service application that manipulates a customer
database is a typical example of a data consumer. To consume data, the application must know how to access one or more data providers.
ADO.NET is comprised of many classes, but five take center stage: Connection
Represents a connection to a data source. Command
Represents a query or a command that is to be executed by a data source. DataSet
Represents data. The DataSet can be filled either from a data source using a DataAdapter object or dynamically.
DataAdapter Used for filling a DataSet from a data source.
DataReader Used for fast, efficient, forward-only reading of a data source.
With the exception of DataSet, these five names are not the actual classes used for accessing data sources. Each managed provider exposes classes specific to that provider. For example, the SQL
Server managed provider exposes the SqlConnection, SqlCommand, SqlDataAdapter, and SqlDataReader classes. The DataSet class is used with all managed providers.
Any data-source vendor can write a managed provider to make that data source available to ADO.NET data consumers. Microsoft has supplied two managed providers in the .NET Framework:
SQL Server and OLE DB.
The examples in this chapter are coded against the SQL Server managed provider, for two reasons. The first is that I believe that most programmers writing data access code in Visual Basic .NET will be
doing so against a SQL Server database. Second, the information about the SQL Server managed provider is easily transferable to any other managed provider.
8.3 Connecting to a SQL Server Database
To read and write information to and from a SQL Server database, it is necessary first to establish a connection to the database. This is done with the SqlConnection object, found in the
System.Data.SqlClient namespace. Heres an example:
Open a database connection. Dim strConnection As String = _
Data Source=localhost;Initial Catalog=Northwind; _
345
Integrated Security=True Dim cn As SqlConnection = New SqlConnectionstrConnection
cn.Open
This code fragment instantiates an object of type SqlConnection, passing its constructor a connection string. Calling the SqlConnection objects Open method opens the connection. A connection must be
open for data to be read or written, or for commands to be executed. When youre finished accessing the database, use the Close method to close the connection:
Close the database connection. cn.Close
The connection string argument to the SqlConnection classs constructor provides information that allows the SqlConnection object to find the SQL Server database. The connection string shown in the
earlier code fragment indicates that the database is located on the same machine that is running the code snippet
Data Source=localhost
, that the database name is Northwind Initial
Catalog=Northwind , and that the user ID that should be used for logging in to SQL Server is the
current Windows login account Integrated Security=True
. Table 8- 1
shows the valid SQL Server connection string settings.
Table 8-1. SQL Server connection string settings
Setting Default
Value Description
Addr Synonym for
Data Source
. Address
Synonym for Data
Source .
Application Name The name of the client application. If provided, SQL Server
uses this name in its sysprocesses
table to help identify the process serving this connection.
AttachDBFilename Synonym for
Initial File
Name .
Connect Timeout
15 Synonym for
Connection Timeout .
Connection Timeout 15
The number of seconds to wait for a login response from SQL Server. If no response is received during this period, an
SqlException exception is thrown.
This setting corresponds to the SqlConnection objects ConnectionTimeout property.
Current Language
The language to use for this session with SQL Server. The value of this setting must match one of the entries in either the
name column or the alias column of the master.dbo.syslanguages system table. If this setting is not
specified, SQL Server uses either its system default language or a user-specific default language, depending on its
configuration.
The language setting affects the way dates are displayed and may affect the way SQL Server messages are displayed.
Search for SQL Server Language Support in SQL Server Books Online for more information.
Data Source
The name or network address of the computer on which SQL Server is located.
This setting corresponds to the SqlConnection objects DataSource property.
346
extended properties
Synonym for Initial
File Name
. Initial
Catalog The name of the database to use within SQL Server.
This setting corresponds to the SqlConnection objects Database property.
Initial File
Name The full pathname of the primary file of an attachable
database. If this setting is specified, the
Initial Catalog
setting must also be specified.
Search for Attaching and Detaching Databases in SQL Server Books Online for more information.
AttachDBFilename and
extended properties
are synonyms for
Initial File
Name .
Integrated Security
` false
Indicates whether to use NT security for authentication. A value of `
true or `
sspi Security Support Provider Interface
indicates that NT security should be used. A value of ` false
indicates that SQL Server security should be used. Search for How SQL Server Implements Security in SQL
Server Books Online for more information. Net
` dbmssocn
Synonym for Network
Library .
Network Address
Synonym for Data
Source .
Network Library
` dbmssocn
The name of the .dll that manages network communications with SQL Server. The default value, `
dbmssocn , is
appropriate for clients that communicate with SQL Server over TCPIP.
Search for Communication Components and Net-Libraries and Network Protocols in SQL Server Books Online for more
information.
Password The SQL Server login password for the user specified in the
User ID
setting.
Persist Security
Info `
false Specifies whether SqlConnection object properties can return
security-sensitive information while a connection is open. Before a connection is opened, its security-sensitive properties
return whatever was placed in them. After a connection is opened, properties return security-sensitive information only if
the Persist
Security Info setting was specified as
` true
. For example, if
Persist Security Info is `
false and
the connection has been opened, the value returned by the SqlConnection objects ConnectionString property does not
show the Password
setting, even if the Password
setting was specified.
Pwd Synonym for
Password .
Server Synonym for
Data Source
. Trusted
_ Connection
` false
Synonym for Integrated
Security .
User ID The SQL Server login account to use for authentication.
347
Workstation ID the client
computer name
The name of the computer that is connecting to SQL Server.
SQL Server Authentication
Before a process can access data that is located in a SQL Server database, it must log in to SQL Server. The SqlConnection object communicates with
SQL Server and performs this login based on information provided in the connection string. Logging in requires authentication. Authentication means
proving to SQL Server that the process is acting on behalf of a user who is authorized to access SQL Server data. SQL Server recognizes two methods
of authentication:
•
SQL Server Authentication, which requires the process to supply a username and password that have been set up in SQL Server by an
administrator. Beginning with SQL Server 2000, this method of authentication is no longer recommended and is disabled by default.
•
Integrated Windows Authentication, in which no username and password are provided. Instead, the Windows NT or Windows 2000
system on which the process is running communicates the users Windows login name to SQL Server. The Windows user must be set
up in SQL Server by an administrator in order for this to work.
To use SQL Server Authentication: 1. SQL Server 2000 only Enable SQL Server Authentication. In
Enterprise Manager, right-click on the desired server, click Properties, and then click the Security tab. Select SQL Server and Windows
and click OK.
2. The network administrator sets up a login account using Enterprise Manager, specifying that the account will use SQL Server
Authentication and supplying a password. Programming books including this one typically assume the presence of a user named
sa with an empty password, because this is the default system administrator account set up on every SQL Server installation good
administrators change the password, however.
3. The network administrator assigns rights to this login account as appropriate.
4. The data access code specifies the account and password in the connection string passed to the SqlConnection object. For example,
the following connection string specifies the sa account with a blank password:
Data Source=SomeMachine; Initial Catalog=Northwind; User ID=sa; Password=
To use Integrated Windows Authentication: 1. The network administrator sets up the login account using Enterprise
348 Manager, specifying that the account will use Windows Authentication
and supplying the Windows user or group that is to be given access. 2. The network administrator assigns rights to this login account as
appropriate. 3. The data access code indicates in the connection string that
Integrated Windows Security should be used, as shown here: Data Source= SomeMachine; Initial
Catalog=Northwind; Integrated Security=True When using Integrated Windows Authentication, it is necessary to know
what Windows login account a process will run under and to set up appropriate rights for that login account in SQL Server Enterprise Manager.
A program running on a local machine generally runs under the login account of the user that started the program. A component running in
Microsoft Transaction Server MTS or COM+ runs under a login account specified in the MTS or COM+ Explorer. Code that is embedded in an
ASP.NET web page runs under a login account specified in Internet Information Server IIS. Consult the documentation for these products for
information on specifying the login account under which components run. Consult the SQL Server Books Online for information on setting up SQL
Server login accounts and on specifying account privileges.
8.4 Connecting to an OLE DB Data Source