Release 10.1A: OpenEdge Application Server:
Developing AppServer Applications

Overview of the AppServer security options

Table 4–2 summarizes the various application-specific security options available.

Table 4–2: AppServer security considerations
Security consideration
Design strategy
User authentication and authorization
Use the AppServer Connect procedure to validate a user.
Database access
Limit or prevent client application access to a database.
AppServer session access
Limit users’ access to specific procedures through the EXPORT( ) method.
Audit trails
Use the AppServer Connect and AppServer Disconnect procedures to assist in management of audit trails.
Run-time compilation
Protect any executable code that you deploy in source form.
Operating system
Protect the files that you deploy for an AppServer.
Secure Sockets Layer (SSL)
Provide data privacy over connections to the AppServer and authentication between clients and servers on those connections.

The remaining sections on security provide additional information about each of these considerations.

For information about developing these features, see Chapter 2, " Programming the AppServer." Also, for more information about standard Progress 4GL security features, see OpenEdge Development: Programming Interfaces .

Copyright © 2005 Progress Software Corporation
 www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095