Try OpenEdge Now
skip to main content
Developing AppServer Applications
Design and Implementation Considerations : Security considerations : Audit trails : AppServer application audit trails
AppServer application audit trails
On a session-managed AppServer, you can access the current connection ID using the SERVER-CONNECTION-ID attribute on the SESSION handle. On a session-free or session-managed AppServer, you can access the ClientContextId property on the Progress.Lang.OERequestInfo class instance referenced by the SESSION handle's CURRENT-REQUEST-INFO attribute.
Ideal locations to generate an audit trail on an AppServer include the AppServer Connect and Disconnect procedures. For example, your Connect procedure can use the user-id parameter and the SERVER-CONNECTION-ID attribute or ClientContextId property value to write an audit trail record when a client application connects to the AppServer. Also, any code to create an audit trail record in the Disconnect procedure is always executed, since this procedure is guaranteed to run whether the connection is explicitly disconnected or forcibly disconnected in response to the QUIT condition.
On an AppServer operating in stateless operating mode, you can also use the AppServer Activate and Deactivate procedures to generate audit trails for each request. However, this use can reduce performance, depending on the load on your AppServer and the amount of information in the audit trail.
For more information on programming these procedures and on accessing the SERVER-CONNECTION-ID attribute, see Programming the AppServer For more information on accessing the ClientContextId property, see Managing state-free and stateless client context.
Note: Audit information created in an AppServer agent using the MESSAGE statement or other external output syntax such as the DISPLAY statement, is sent to the AppServer log file unless otherwise directed.