Release 10.1A: OpenEdge Application Server:
Developing AppServer Applications
User authentication and authorization
You typically handle authentication and authorization tasks at the point of connection, using the Connect procedure, which can accept parameters for user authentication and refuse a client connection according to the result. For a state-reset or state-aware AppServer, you can take full advantage of this to authorize, on a user basis:
- What procedures (entry points) can be run by the connected AppServer agent, by setting an export list using the EXPORT( ) method.
- Connections to databases and other AppServers from the connected AppServer agent. For more information on limiting database access through a connected AppServer agent, see the "Database access" section.
However, for stateless and state-free AppServers, you cannot directly authorize and implement these options at connect time.
Authorization on a state-reset or state-aware AppServer
The following code shows a typical authentication and authorization example:
First, the user_id and password established by the client application's CONNECT( ) method are authenticated against an external source (in this case, valid users are identified in a database table named app_user). Second, the particular user is authorized to request execution of an established, user-specific list of procedures (entry points) through the EXPORT( ) method. To create a tight security model, establish an export list in conjunction with operating-system security to restrict access from the client application's host to the remote procedure sources. For more information on operating-system security, see the "Operating system" section.
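As an added illustration (not the manual's own listing), the following Connect procedure checks the user against app_user and then sets a per-user export list. The columns pwd_hash and export_list, and the use of the ABL ENCODE( ) function for the stored password hash, are assumptions; the page only names the app_user table.

```abl
/* connect.p: Connect procedure for a state-reset or state-aware AppServer.
   Added example, not the manual's listing.  The app_user columns
   pwd_hash and export_list are assumed. */

DEFINE INPUT PARAMETER user-id         AS CHARACTER NO-UNDO.
DEFINE INPUT PARAMETER password        AS CHARACTER NO-UNDO.
DEFINE INPUT PARAMETER app-server-info AS CHARACTER NO-UNDO.

/* Authenticate: look up the user in the application user table (read-only). */
FIND FIRST app_user
    WHERE app_user.user_id = user-id NO-LOCK NO-ERROR.

/* Refuse the connection with one generic message whether the user is
   unknown or the password is wrong, so the client cannot tell which.
   RETURN ERROR from a Connect procedure rejects the client connection. */
IF NOT AVAILABLE app_user
   OR app_user.pwd_hash <> ENCODE(password) THEN
    RETURN ERROR "Login refused.".

/* Authorize: restrict this agent to the user's own entry points.
   export_list is assumed to hold a comma-separated list of procedure
   names, for example "order/getorder.p,order/listorders.p".
   A user with no assigned entry points gets no connection at all. */
IF app_user.export_list = "" OR app_user.export_list = ? THEN
    RETURN ERROR "No entry points assigned to user.".

/* SESSION:EXPORT( ) returns TRUE when the export list is set; anything
   not on the list can no longer be run remotely by this client. */
IF NOT SESSION:EXPORT(app_user.export_list) THEN
    RETURN ERROR "Unable to set export list.".

/* Connection accepted: the client may run only the exported procedures. */
```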
Authorization on a stateless or state-free AppServer
For a stateless AppServer, you cannot easily set an export list and database connections at connect time, because the AppServer agent that runs the Connect procedure is not necessarily the one that executes subsequent remote procedure requests for the connected client. For a state-free AppServer, you cannot perform these functions at connect time at all, because the client maintains no physical connection to any one AppServer, and the AppServer never runs a Connect procedure. For stateless and state-free AppServers, setting an export list and database connections works much more effectively as a global activity that you implement in the Startup procedure, which executes for every AppServer agent when it starts up.
You can also pass connection-based authentication and authorization information to each AppServer agent that handles a remote procedure request for a client connection. The AppServer agent can retrieve and resave the authorization information for the next AppServer agent that handles the connection using the Activate and Deactivate procedures. For more information on using these procedures, see Chapter 2, "Programming the AppServer." For more information on creating an export list using the EXPORT( ) method, see the "AppServer session access" section.
Copyright © 2005 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095