Try OpenEdge Now
skip to main content
Application Migration and Development Guide
Application Development with PAS for OpenEdge : Design and Implementation Considerations : Security considerations : PAS for OpenEdge session access : Session-managed application with an unbound connection
Session-managed application with an unbound connection
For a session-managed application with an unbound connection, you can conveniently set a single export list for all server sessions, using the Session Startup procedure. Because export list settings apply only to the server session in which they occur, setting and resetting an export list at any other point in an unbound session-managed application requires careful attention.
Caution: Setting an export list during remote procedure requests from an unbound session-managed client is an error-prone activity. If your application requires this fine degree of control, the rest of this section explains how you can do it. However, you might consider implementing your application using a bound connection, instead.
Once you set an export list, the list remains set in the server session until you reset it. For an unbound connection, because you cannot guarantee when an server session will execute what procedure, you must manage any export list settings appropriately during each request. If you do not, you can leave an unpredictable set of export list settings across sessions in the server sessions pool.
For an unbound connection, you can maintain consistent export list settings using a combination of the Connect, Activate, and Deactivate procedures. This is especially useful to provide user-based access control.
To maintain consistent export list settings using the Connect, Activate, and Deactivate configuration procedures:
1. In the Connect procedure, establish an export list based on the authenticated user.
2. Save the export list using context storage, such as the SERVER-CONNECTION-CONTEXT attribute or a context database.
3. In the Activate procedure, retrieve the export list from your context storage and set it using the EXPORT( ) method. The list is now set to filter the current remote procedure call and ensure its validity for the user.
4. In the Deactivate procedure, reset the export list to empty or to any other global session value using the EXPORT( ) method. This leaves the server session to handle remote procedures calls from all connected clients, as appropriate.
Note: The Disconnect procedure is not effective to reset a user-based export list, especially for an unbound connection, because the Disconnect procedure can run in server session other than the one where the last export list setting occurred.
You can also use the Activate procedure to make other application-based settings, where you set the list depending on some application state other than the authenticated user. In this case, you might determine the setting indirectly from context storage or from some other source available to ABL. For more information on using context storage, see Programming the Progress Application Server for OpenEdge.