Release 10.1A: OpenEdge Development:
Programming Interfaces
Configuring auditing privileges
OpenEdge supports a separate set of auditing privileges to control who can do what to auditing policies and data. To prevent unauthorized access this information, the compile-time and run-time support for
CAN*permissions on database tables and fields have no effect on the auditing metaschema.Depending on the function of your auditing-aware application, you must ensure that the users who can run it have the appropriate auditing privileges set. Table 3–1 lists the auditing privileges and the application functionality that they support.
OpenEdge enforces the Application Audit Event Inserter privilege only if you set the appropriate database auditing option (Enforce Audit Insert Privilege). If you set this option for an audit-enabled database, any user who runs an audit-aware application that generates application events must have the Application Audit Event Inserter privilege, and depending on the application architecture, might also require the Audit Data Reporter privilege. The Audit Administrator and Audit Data Archiver privileges are required by any user who runs an audit configuration and audit archiving tool, respectively. And the Audit Data Reporter privilege is also required for any user who runs an audit reporting tool. For more information on audit privileges, see OpenEdge Getting Started: Core Business Services . For more information on setting audit privileges for users, see the Data Administration online help and OpenEdge Development: Basic Database Tools .
The following sections describe the essential 4GL elements and requirements for writing these audit-aware applications and auditing tools.
|
Copyright © 2005 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |