Identity management, in OpenEdge, is a set of systems and tools to control the user identities encountered by OpenEdge. This system provides a number of options to manage identity without the need for application code changes.
Note: The OpenEdge identity management features described in this manual apply primarily to the OpenEdge RDBMS and its immediate clients, including ABL clients, SQL clients, and database command-line utilities. Identity management for other OpenEdge features or external interfaces to OpenEdge, such as Web browsers, Web servers, and Open Clients have their own security services and are beyond the scope of this manual.
The purpose of identity management is to ensure that the resources of an information system—including applications and data—are accessed only by those users who are trusted to access them and are accessed in a manner that is appropriate for each individual user or particular group of users. Indeed, an essential function of identity management is to protect information resources so only authorized users can access the information system itself. It does this through an authentication system that serves as the gateway for all access to the information system. Once access is granted to a particular user, each attempt to access protected resources is controlled by an authorization system that determines if and how the user can access that resource. The security and capabilities of an identity management system are often part of a larger security system consisting of hardware and software that provides authentication, authorization, encryption, and auditing services to an information system.
OpenEdge provides its identity management system as a core business service of the product. This means that essential features of OpenEdge identity management are both supported by the product and shared in common by multiple OpenEdge components. This document provides an overview of that support and how to use it to secure access to OpenEdge components and the applications you build with them.
