Try OpenEdge Now
skip to main content
Developing AppServer Applications
Design and Implementation Considerations : Security considerations : Database access

Database access

The traditional client/server model requires a connection from the ABL client to the database server. The AppServer allows alternative strategies to be considered. One strategy is for the ABL client to have no connection to the database and for all database access to be achieved through an AppServer. Such an implementation provides tight security since database access is limited to the parameters, and functionality contained in the procedures that are remotely executed by the AppServer.
A less severe strategy is to allow the ABL client read-only access to the database, but provide full update access to the AppServer agent. This preserves full control of updates through the restricted set of procedures that can be run in an AppServer agent, yet allows the client a broader range of database query capabilities. This alternative might be required to achieve certain performance objectives, for example, those peculiar to browse widget behavior. See ABL browse design considerations for detailed information about browse behavior.