Try OpenEdge Now
skip to main content
Programming Interfaces
Data Management : Application Security : Authenticating and managing user identity in ABL : Establishing auditing identity
Establishing auditing identity
By default, OpenEdge uses the database connection identity as the auditing identity. As described in earlier sections, OpenEdge can otherwise take the auditing identity for a given database from the ABL session identity, depending on a setting in database auditing options. No matter what source you use for the auditing identity, you might note the following points:
*The auditing identity only provides the value recorded as the user ID in audit event records and has no effect on database authorization, either for table and field access or for auditing privileges. The effective database connection identity for each database always controls database access and auditing privileges.
*If you configure the database option to use the application domain registry, this causes both the ABL SET-DB-CLIENT function and the SECURITY-POLICY:SET-CLIENT( ) method to assert and validate the database connection identity using the session domain registry (instead of using the local database domain registry). If you use SET-CLIENT( ) with this database option to set the database connection identity, which also asserts and sets the ABL session identity, the effective auditing identity is identical to the ABL session identity, regardless of any database auditing options that you set.
For more information on managing the auditing ID within an OpenEdge session, see Auditing.