Try OpenEdge Now
skip to main content
Programming Interfaces
Data Management : Auditing : Setting up application security for auditing
 

Setting up application security for auditing

To provide auditing in an application, you generally need to consider three primary security requirements:
*Establish the auditing identity (ID).
*Verify that auditing is enabled for at least one connected database.
*Ensure that auditing privileges have been set appropriately to allow the auditing operations required.
The auditing identity (auditing ID) represents the user identity that OpenEdge associates with all audit events that it records in an audit-enabled database. Together with audit data integrity features, the auditing ID helps to ensure that the contents of the audit trail cannot be repudiated, either through unauthorized modification of the audit data or denial that a given user identity was involved with generating the audit data. Whatever user identity is the auditing ID for a given audit-enabled database becomes associated with all audit events, whether generated automatically by OpenEdge or explicitly by your application.
OpenEdge provides the option to establish the auditing ID for a database from one of the following sources:
*Database connection identity (ID)
*OpenEdge session identity (ID)
Because all OpenEdge auditing is configured and stored in a connected OpenEdge RDBMS, you must consider a combination of database configuration and application coding options to establish the effective auditing ID for an application.
* Configuring the auditing identity
* Asserting the auditing identity
* Verifying that auditing is enabled
* Configuring auditing privileges