OpenEdge Development:<br />Programming Interfaces Authorizing access to procedures and database resources

Release 10.1A: OpenEdge Development:
Programming Interfaces

Authorizing access to procedures and database resources

To ensure that only authorized users can access certain features in your application, you can provide run-time authorization to check the user ID of any user attempting to run a particular procedure or to access database tables and fields. The Progress 4GL provides a mechanism, the CAN-DO function, which allows you to validate a list of user IDs against one of the following:

The user ID for a given database connection (database connection ID).

An application specified user ID.

You can use the success of this validation to determine if a given procedure can be run.

You can also check the authorization (configured in a given OpenEdge RDBMS) for users to access specific database tables and fields, based on the current database connection ID.

The following sections describe:

Authorizing users from within a given procedure

Defining activities-based user authorization

Authorizing user access to tables and fields