Try OpenEdge Now
skip to main content
Programming Interfaces
Data Management : Application Security : Authenticating and managing user identity in ABL : Setting up and using domain registries
 
Setting up and using domain registries
When OpenEdge authenticates a user identity or validates an authenticated identity through SSO, it first retrieves the OpenEdge domain configuration identified by user credentials or a client-principal to obtain the following information:
*User authentication — The authentication system to authenticate a user's credentials and (if successful) the domain access code to seal the client-principal object representing the authenticated identity to be assigned to database connection or ABL session.
*SSO — The domain access code to validate that it is identical to the access code used to seal a given client-principal in order to assign the identity the object represents to a database connection or ABL session.
To retrieve the domain in either case, OpenEdge searches a trusted domain registry for a domain entry that matches the user's domain.
* Identifying the trusted domain registry
* Building and using a session domain registry