An ABL authentication callback executes as an external procedure consisting of three parts: a main block; a procedure you create named AuthenticateUser; and an optional procedure you can create named AfterSetIdentity.
The main block runs during the OpenEdge-performed user authentication process. For built-in systems, it is called after user-authentication is complete but before the client-principal object is sealed by OpenEdge. For user-defined systems, it is called at the start of OpenEdge user authentication and also before the client-principal object is sealed.
The main block is automatically called as part of the CONNECT statement, the SETUSERID( ) function, the SET-DB-CLIENT( ) function, or the SECURITY-POLICY:SET-CLIENT( ) method, The main block is deleted before any of these processes return control to the ABL application.
AuthenticateUser is called when OpenEdge-performed user authentication takes place and before the client-principal object is sealed. If the procedure returns success then the authentication succeeded and the client-principal is sealed.
AfterSetIdentity is an optional procedure that extends the functionality of SSO.
