Try OpenEdge Now
skip to main content
Programming Interfaces
Data Management : Application Security : Authenticating and managing user identity in ABL : Authenticating and setting user identity : SETUSERID function
SETUSERID function
This is the basic syntax, where userid and password pass in a user ID and passphrase (user account password) and logical-dbname optionally identifies an established database connection:


SETUSERID( userid , password[ , logical-dbname] )
OpenEdge authenticates user credentials to set the identity for a particular OpenEdge database connection, all based on parameters passed as input to the function. If you do not identify a database connection, OpenEdge attempts to locate and use a connection to the database for which the current procedure or class was compiled.
For backward compatibility, this function always authenticates the specified user credentials against the internal OpenEdge user accounts defined in the database _User table. If OpenEdge successfully authenticates the specified identity, it assigns the identity to the database connection, and creates and seals a client-principal object in the LOGIN state with the QUALIFIED-USER-ID and PRIMARY-PASSPHRASE attributes set from the input user credentials and with all other properties and attributes of the object set to default values. Sealing the object with this function does not generate an auditable event to start a user login session, but does generate an auditable event for the change in user identity.
When the SETUSERID function executes, OpenEdge authenticates and seals the identity in the client-principal object using either the local database domain registry for the connection (by default) or the current session domain registry when the connected database has its option set to use the application domain registry.
Note: Setting the identity for a database connection using this function locks out the SECURITY-POLICY:SET-CLIENT( ) method from setting the connection identity. You can unlock the connection for SET-CLIENT( ) access by calling the SET-DB-CLIENT function with its client-principal-handle parameter passed as the Unknown value (?).