Release 10.1A: OpenEdge Deployment:
Managing 4GL Applications

Maintaining Application Security

OpenEdge applications can use two basic types of user authorization: application authorization which prevents unauthorized users from running application procedures and using other types of application resources, and database authorization which prevents unauthorized users from modifying database tables and fields. Application authorization always applies at run time using developer-defined privileges. OpenEdge provides four types of database authorization: compile-time authorization ensures that only authorized users can compile procedures that access protected tables and fields, run-time authorization ensures that when the application is run that only authorized users can access database tables and fields, connection authorization ensures that only authenticated users can connect to an OpenEdge database, and schema authorization ensures that only authorized administrators can manage table, field, index, and sequence definitions.

OpenEdge also relies on security mechanisms at the operating system level to ensure that only authorized users access r-code procedure files, procedure library files, and database files. This chapter contains the following sections:

Database table- and field-level security
Compile-time security
Run-time security
Operating system security
Designating a security administrator

For information about establishing and maintaining connection security, schema security, and database file security, see OpenEdge Data Management: Database Administration . In addition to the security features described in this chapter, OpenEdge supports secure connections between OpenEdge client and server components on the network using the Secure Sockets Layer (SSL). For more information, see OpenEdge Getting Started: Core Business Services .