The OERealm client treats any errors or exceptions as fatal server errors, and different OERealm clients handle errors and exceptions differently.
The best practices for users of OERealm are as follows:
No errors or exceptions should be sent from the validateUser() method.
Errors should be sent from other methods when the user account number does not correspond to a physical user account or if the library used to access the physical user accounts returns an exception.
All errors and warnings should be logged based on User Account Name or user-account-number.
Return the defined defaults for accessing user account properties when the account property does not exist or the account property is defined as Null or Unknown.
OERealm security best practices are as follows:
Use OS file system security to protect your OERealm ABL code modules.
Use SSL/TLS for non-local network connections.
If possible, provide a dedicated AppServer for the OERealm functionality.
Authenticate and authorize each request using the OERealm client’s Client-Principal.
Provide adequate capability to handle ABL errors and exceptions.