Cross Database with Application Role

Posted on

Question :

I have a requirement to access (read) a table/view in database B from database A. The application that needs to execute the query however uses an Application Role. From what I’ve read and tried, doing Module Signing is not an option.

What would be the next best approach?
Is that setting TRUSTWORTHY on for database A and use EXECUTE AS?

Answer :

Just found the answer:

  1. Create SQL login with minimal privileges
  2. Execute function from source database under that user (WITH EXECUTE AS)
  3. Module sign object
  4. GRANT AUTHENTICATE to user created from certificate (this is the one I missed)

Leave a Reply

Your email address will not be published. Required fields are marked *