Release 10.1A: OpenEdge Deployment:
Managing 4GL Applications

Run-time security

You (as the developer) can write custom run-time authorization to prevent unauthorized users or precompiled procedures from accessing restricted database tables and fields. To establish run-time security for precompiled procedures, you must set up a permissions table within the database. To establish run-time security for tables and fields, you must set the table and field permissions using the Data Administration tool or character Data Dictionary.

The permissions table contains records that specify users who are authorized to run specific procedures. Each record in the permissions table must contain at least two fields: an Activity field and a Can-Run field. The Activity field contains the name of the procedure and the Can-Run field contains the user IDs of those who have permission to run the procedure. Within the application, you can use the CAN-DO and USERID functions to test whether the current user can run a specific procedure.

As security administrator, you must maintain the permissions table. It is your responsibility as the developer to provide the tools to maintain this table. For more information about setting up run-time security with a permissions table, see the information on run-time security in OpenEdge Development: Programming Interfaces .

As security administrator, you can also specify the run-time security permissions for database tables and fields. For more information, see the "Setting table and field permissions" section.