Try OpenEdge Now
skip to main content
ABL Reference
Handle Attributes and Methods Reference : QUALIFIED-USER-ID attribute
 

QUALIFIED-USER-ID attribute

Sets or reads the values of the USER-ID attribute (user name) and DOMAIN-NAME attribute separated by the '@' domain delimiter. This value represents a fully qualified user identity that you can use to establish identity in ABL sessions or database connections using the SECURITY-POLICY:SET-CLIENT( ) method or the SET-DB-CLIENT function. This user ID is then used to authorize such actions as accessing resources (run-time permissions checking) and providing an auditing identity, among other things. For a multi-tenant database connection, the user's identity also establishes the user's database tenant organization.
Data type: CHARACTER
Access: Readable/Writeable
Applies to: Client-principal object handle
You can write a character expression to this attribute using one of the formats in the following table, where user-name is a specified value for the USER-ID attribute and domain-name is a specified value for the DOMAIN-NAME attribute.
Table 95. Formats for assigning the QUALIFIED-USER-ID attribute
This format...
Writes...
""
The blank user in the blank domain
"@"
The blank user in the blank domain
"@domain-name"
The blank user in the specified domain
"user-name"
The specified user in the blank domain
"user-name@"
The specified user in the blank domain
"user-name@ domain-name"
The specified user in the specified domain
When you read this attribute, it can return the values shown in the following table.
Table 96. Values returned when reading the QUALIFIED-USER-ID attribute
This value is returned...
For...
""
The blank user in the blank domain
"@domain-name"
The blank user in the specified domain
"user-name"
The specified user in the blank domain
"user-name@ domain-name"
The specified user in the specified domain
Unknown value (?)
USER-ID or DOMAIN-NAME attributes that have not yet been set
Once the client-principal object is sealed, this attribute is read-only, and attempting to write to it raises a run-time error.
ABL also raises ERROR if you attempt to assign:
*The Unknown value (?)
*Any character expression that does not conform to the allowable qualified user ID forms shown in Table 95
*A character expression when the client-principal object is sealed and in the LOGIN, LOGOUT, EXPIRED, or FAILED state (see the LOGIN-STATE attribute entry)

See also

INITIALIZE( ) method, DOMAIN-NAME attribute, USER-ID attribute