Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Overview : OpenEdge Core Business Services : Security services : Identity management : Authentication
Authentication is the process of verifying that a users claims to a software system represent a valid proof of the users identity, which the software system can then assign to itself for the performance of its operational functions. For example, when a user logs into an application, an authentication system ensures that the users login credentials identify a user that can operate the application before the application will run. If the login credentials identify a valid user, the application runs as an agent of the user, which allows the users identity to extend to application components that might also be distributed in secure relation to one another across a network.
The minimum requirement to authenticate a user is a user account system, a user account in that system identified by a user ID (or user name), and a shared secret (typically a password or passphrase) that only the user account system and the owner of the account know. The authentication system accesses the user account system and asks it to verify that the user's account exists, that the account is usable, and that the secret entered by the user matches the secret known to the user account. Only if the user account system successfully validates the users account does the authentication system establish the user identity for an application. Otherwise, the application fails to run on behalf of the specified user.
In OpenEdge, the authentication of user identities is supported through configurable user authentication systems. These authentication systems include the OpenEdge RDBMS, which can maintain its own set of valid user accounts, and support for other user account systems that OpenEdge or an OpenEdge application can use to authenticate user identities. These authentication systems also support a mechanism to assert a previously authenticated user identity as the current application or database connection identity. For more information on OpenEdge support for authentication, see Security in OpenEdge and OpenEdge Getting Started: Identity Management.