Try OpenEdge Now
skip to main content
Application Migration and Development Guide
Application Development with PAS for OpenEdge : Design and Implementation Considerations : Security considerations : User authentication and authorization : Authorization over an unbound session-managed or session-free connection
Authorization over an unbound session-managed or session-free connection
For an unbound session-managed application, you cannot easily set an export list and database connections at connect time, because the server session that runs the Connect procedure is not necessarily the one that executes subsequent remote procedure requests for the connected client. For a session-free application, you cannot perform these functions at connect time at all, because the connected server never runs a Connect procedure. For session-managed and/or unbound or bound PAS for OpenEdge instances, setting an export list and database connections works much more effectively as a global activity that you implement in the Session Startup procedure, which executes for every server session when it starts up. In this case, you also need to set the database connection identity in the Activation procedure for each request. For more information on setting database connection identity, see the sections on application security in OpenEdge Development: Programming Interfaces.
You can also pass all of the connection-based authentication and authorization information to each server session that handles a remote procedure request for a client connection. The server session can retrieve and re-save the authorization information for the next server session that handles the connection using the Activate and Deactivate procedures. For more information on using these procedures, see Programming for a PAS for OpenEdge application model. For more information on creating an export list using the EXPORT( ) method, see the Application model context management.