The name of the OpenEdge domain in which to authenticate the user identity represented by the unsealed client-principal object. This domain is also configured with an access code used to validate the same identity after the client-principal has been sealed. You must set this attribute before you can seal the associated client-principal object with the:
SEAL( ) method as part of an application-performed user authentication operation
The domain name you specify must match a domain entry registered in the trusted domain registry. Along with the domain access code, this entry identifies the authentication system used to validate the user's identity for user authentication and single sign-on (SSO) operations and specifies the user's tenancy for multi-tenant database connections in which their identity is set. For more information on domains, authentication systems, and database tenancy, see OpenEdge Getting Started: Identity Management.
If the attribute has never been initialized, reading its value returns the empty string (""). Otherwise, it returns the most recent setting using the INITIALIZE( ) method, QUALIFIED-USER-ID attribute, or the DOMAIN-NAME attribute, itself.
Once the client-principal object is sealed, this attribute is read-only, and attempting to write to it raises a run-time error.
ABL also raises ERROR if you attempt to assign:
The Unknown value (?)
Any character expression that does not conform to domain name length and character set restrictions
A character expression when the client-principal object is sealed and in the LOGIN, LOGOUT, EXPIRED, or FAILED state (see the LOGIN-STATE attribute entry)
SEAL( ) method as part of an application-performed user authentication operation