Defining and configuring security domains

The Database Administration Console in OpenEdge Management and OpenEdge Explorer

Data Administration utility in the OpenEdge program group on Windows

Admin menu of the character-mode Data Dictionary

A system type (authentication system) — The type of authentication system that the domain relies on for authenticating the security token for all users in that domain. OpenEdge supports several built-in authentication system types and allows you to define new ones, including ones that allow you to define your own authentication system. Each type of authentication system supports a particular set of user accounts and specific operations to validate and set a given user identity.

An access code — A secret value used by OpenEdge or your ABL application both to cryptographically seal a security token during user authentication and to validate a user's sealed security token, for example, to assert their identity in a single sign-on (SSO) operation. If specified, this is typically a long character string value known only to the domain configuration.

An enablement indicator — Specifies if the domain is enabled for use at run time (the default). This allows you, for example, to configure domains for deployment while not making them available to an OpenEdge application until its deployment is complete.

System options — Allows you to specify options that can be passed to authentication systems for interpretation by configured ABL authentication callbacks.

A tenant name — For a multi-tenant database, identifies the tenant to which the domain belongs, and through which all users in the domain access the database. For a non-multi-tenant database, this setting does not exist.

Additional settings — To support auditing and other options that currently have limited or no affect on user validation.