I am moving up from ACCESS to SQL 2000. I've run into one stumbling block in that my service provider won't let me add Users. But I can use Application Roles.

I am thinking about asking the Services Sys Admin to set up an User that will be used by the application. This User would have select, insert, update, delete, and execute for views and procs only. I am thinking about creating an application role that equates to a User Name and granting them appropriate privileges. Note that all access to the DB will be through a web front end.

Do you see any security weaknesses with this approach versus if I were able to use User roles?