Release 10.1A: OpenEdge Data Management:
DataServer for Microsoft SQL Server

Security

Using the DataServer for MS SQL Server involves following the security guidelines required by both the OpenEdge database and the MSS data source. By default, OpenEdge security allows unrestricted access to data sources, so at a minimum, you should follow the guidelines that the data source requires for your applications.

OpenEdge security

The OpenEdge database management system has no minimum security requirements. You can, however, impose security features on any OpenEdge database or schema holder. There are four levels of application security that you can impose:

Database-connection security.
Schema security.
Compile-time security.
Run-time security.

For more information about compile-time and run-time security, see OpenEdge Deployment: Managing 4GL Applications. For general information about OpenEdge security, see OpenEdge Getting Started: Core Business Services .

SQL Server database security

As noted previously, you should follow the security guidelines that your MSS data source has established for your applications. The SQL Server database might require that all users supply a valid login name and password to access it. Data source access security typically has four levels:

System administrator — Grants or revokes permissions to other users to create or own a wide type of objects; for example, databases.
Database owner — Grants other users permission to access or modify a database or its objects.
Database object owner — Defines a user who can be the owner of objects in a database owned by another user.
Public owner — Allows access to public database objects by any users without restriction.

Additional security considerations

Note the following additional security points:

The DataServer for MS SQL Server will allow you to use either the Windows or SQL Server authentication model for your connection to the SQL Server data source. For more information on database security, see Microsoft’s SQL Server documentation.
There are specific security requirements for accessing data with the DataServer that relate to creating a schema holder. For details, see the "Creating a schema holder" section.