Try OpenEdge Now
skip to main content
Identity Management
Configuring and Implementing Authorization in OpenEdge : Non-multi-tenant vs. multi-tenant authorization

Non-multi-tenant vs. multi-tenant authorization

Unlike with OpenEdge authentication, where a user can authenticate to a database connection using a fully qualified user ID, regardless of the database tenancy, a fully-qualified user ID is only recognized for authorization settings on a multi-tenant database. For a non-multi-tenant database, all user IDs and user ID patterns must be specified using only a non-qualified user ID (the user name only). This is true for both the SQL and ABL authorization models. Later sections in this chapter describe the differences in how user IDs work in the two different cases.
The on exception to this is for database command-line utilities, which always use fully-qualified user IDs to authorize any roles or capabilities, such as audit roles or the system administrator for Transparent Data Encryption (TDE). (For more information on TDE, see OpenEdge Getting Started: Core Business Services - Security and Auditing.)