Release 10.1A: OpenEdge Development:
Progress Dynamics Administration

Setting global security and management options

When you first start up Progress Dynamics, you might want to set some general options that govern the operation of sessions that run there. A table in the Progress Dynamics Repository (gsc_security_control, entity mnemonic GSCSC) maintains settings in a single record used to control an entire session. These settings include basic options for managing the user interface and security control.

Notes: Progress Dynamics only secures objects in the application. If you want to secure database access or files in the operating system, see OpenEdge Data Management: Database Administration . For a broader discussion of securing applications, see OpenEdge Getting Started: Core Business Services .

All session data, including data used for session startup and security, is typically stored in the Progress Dynamics configuration XML file (icfconfig.xml). You can make this startup and security data more secure, especially if you maintain it outside the Repository, by importing any changes to the configuration file into the secured Repository. For more information, see the sections on importing the configuration file in Chapter 2, " Defining and Managing Sessions."

To access the global options for Progress Dynamics session security and management, choose Security Security Control from the Administration window.

Progress Dynamics displays the Security Control window, as shown in Figure 3–1.

Figure 3–1: Security Control window

Note: You can save the changes you make in this window, but because Progress Dynamics allows only one record in the gsc_security_control table, the Add record button is disabled in the toolbar. However, you can modify the existing record.

For security, the important settings include:

Security Model — Lets you define whether you want to use a revoke or a grant security model for your entire application. For more information on this option, see the "Choosing a security model: grant versus revoke" section.
Login filename — The name of the login program to run. By default, this is af/cod/gsmuslognw.w, and it displays the default login window, as shown:



Password max. retries — The maximum number of times a user can enter a password incorrectly before the user’s account is disabled.
Password history life time — The number of days to keep and check the password history. The default value is 365 (one year). The password history is a log of when and who changed a user’s password. To see the password history for a user, select the Security Maintenance Users node, then choose the Password History tab.
Security enabled — Specifies for Progress Dynamics to perform security checks.
Force unique password — Specifies that the password for every user must be different from the passwords used by all other users. This option allows Progress Dynamics to locate a user’s record with just a password.
Program access check — Specifies that the system checks whether a program is already running for a user. This restricts the user to running only a single session of a program.
Multi user check — Specifies that the system should ensure that a user does not log in more than once. A user can only log in once per user id.