OpenEdge Development:<br />Progress 4GL Reference SEAL( ) method

Release 10.1A: OpenEdge Development:
Progress 4GL Reference

SEAL( ) method

Seals a Client-principal object with the specified message authentication code (MAC). Sealing a Client-principal object signifies that the user identity from the authentication domain has successfully logged into that domain. Once logged in, you can use the sealed Client-principal object to set a user ID using either the SET-CLIENT( ) method or SET-DB-CLIENT function.

You must set the following attributes on the Client-principal object before you can seal the object:

USER-ID attribute

DOMAIN-NAME attribute

SESSION-ID attribute

If you do not set these attributes, Progress generates a run-time error.

You can seal a Client-principal object only once per user login session. Then, you can use the VALIDATE-SEAL( ) method to validate the seal whenever necessary.

Once sealed, you cannot set any new or existing properties or attributes for the object.
Return type: LOGICAL
Applies to: Client-principal object handle
Syntax
SEAL( key ) 
key
A character expression containing the key of the authentication domain that authenticated the user ID. Progress uses this key to generate the MAC with which to seal the Client-principal object. Progress converts this key to UTF-8 before using it, which ensures a consistent value regardless of code page settings. A matching authentication domain key must be registered in a trusted authentication domain registry before you can validate and use the user ID represented by the Client-principal object.

If successful, this method returns TRUE. Progress also sets the SEAL-TIMESTAMP attribute with the time stamp of when the Client-principal object was sealed, and sets the LOGIN-STATE attribute to “LOGIN”.

Progress also checks the LOGIN-EXPIRATION-TIMESTAMP attribute. If the Client-principal object expires before you can seal it, Progress sets the LOGIN-STATE attribute to “EXPIRED” and returns FALSE.

Calling this method generates an audit event and creates an audit record for the event in all connected audit-enabled databases according to each database’s current audit policy settings.
Example

The following code fragment illustrates how to use the SEAL( ) method:
DEF VAR hCP as HANDLE. 
DEF VAR key as CHAR. 
DEF VAR result as LOGICAL. 
. 
. 
. 
CREATE CLIENT-PRINCIPAL hCp. 
. 
. 
. 
result = hCP:SEAL(key). 
See also

SEAL-TIMESTAMP attribute, LOGIN-EXPIRATION-TIMESTAMP attribute, LOGIN-STATE attribute, SET-CLIENT( ) method, SET-DB-CLIENT function, VALIDATE-SEAL( ) method