Try OpenEdge Now
skip to main content
Application Migration and Development Guide
Application Development with PAS for OpenEdge : Design and Implementation Considerations : Security considerations : User authentication and authorization
User authentication and authorization
You typically handle authentication at the point by specifying user credentials in the URL to connect to the PAS for OpenEdge ABL Web application., which can accept parameters for user authentication and refuse a client connection according to the result. For a bound session-managed application, you can also add an additional level of authentication using the Connect procedure. From the Connect procedure, you can also authorize:
*What remote procedures (entry points) can be run by the connected client by setting an export list using the EXPORT( ) method.
*Connections to databases and other OpenEdge application servers from the connected server session. For more information on limiting database access through a connected server session see Database access.
However, for an unbound session-managed or a session-free application, you cannot directly authorize and implement these options at connect time.
* Authorization over a bound session-managed connection
* Authorization over an unbound session-managed or session-free connection