Release 10.1A: OpenEdge Getting Started:
Core Business Services


Preface

This Preface contains the following sections:

Purpose

OpenEdge® supports two core business services: security and auditing. Security comprises several different functions, such as authentication, authorization, confidentiality, integrity, trust, identity management, and auditing. Auditing is a core business service in its own right, providing you with the means to track who did what, where, when, and how.

This manual provides an overview of security features supported by OpenEdge and all of its components, with references on where to find more information about them. OpenEdge provides security features that affect access to individual components and features. It also provides support for features of a Public-Key Infrastructure (PKI) that you can use to secure communications among OpenEdge components on a network. This manual provides a primary point of reference for information on PKI and how OpenEdge implements features of a PKI as part of its overall security support.

The manual also provides information about identity management in OpenEdge and an overview of auditing features supported by OpenEdge, such as auditing security, developing and deploying an audit-enabled application, and maintaining, querying, and reporting on audit data.

Audience

Anyone who is interested in OpenEdge security, including architects, developers, and IT administrators, will find useful information in this manual to both plan and implement security for an application. Additionally, anyone who is interested in implementing an auditing solution will find details regarding planning for, implementing, and maintaining audit policies and data.

Looking outside this document for further information

This document focuses on the OpenEdge core business services of security and auditing. The content of the document is presented based on the assumption that you are familiar with overall concepts related to databases and database management.

For additional helpful information about relational database management systems, see OpenEdge Getting Started: Database Essentials. Refer also to OpenEdge Data Management: Database Administration for specifics about the OpenEdge database in particular.

Organization

Part I, Overview

Chapter 1 "OpenEdge Core Business Services"

Defines and provides an overview of the core business services, security and auditing, supported in OpenEdge.

Part II, Security

Chapter 2 "Security in OpenEdge"

Provides an overview of all security features supported by OpenEdge, with references to other OpenEdge documentation.

Chapter 3 "Cryptography"

Defines cryptography and describes how it is supported in OpenEdge.

Chapter 4 "Identity Management"

Describes authentication and authorization methods supported by OpenEdge, including using the OpenEdge database _User table or an external user identity validation source.

Chapter 5 "Public-Key Infrastructure (PKI)"

Provides an overview of PKI, including information on how OpenEdge supports PKI features and where to find more information about them.

Chapter 6 "Secure Sockets Layer (SSL)"

Provides an overview of SSL, the primary implementation of PKI features that OpenEdge supports.

Chapter 7 "SSL in OpenEdge"

Describes the OpenEdge SSL architecture and how each SSL-supported OpenEdge component works within it.

Part III, Auditing

Chapter 8 "Auditing in OpenEdge"

Describes the OpenEdge auditing core service and provides details about planning to implement an auditing solution.

Chapter 9 "Audit Security"

Provides details about various aspects of auditing security: managing privileges; archiving audit data records; audit security for database clients, tools, utilities, and audit policies; and configuring additional user authentication systems and domains.

Chapter 10 "Configuring OpenEdge Auditing"

Describes how you and your customer sites can get up and running with auditing.

Chapter 11 "Developing an Audit-enabled OpenEdge Application"

Provides an overview of how to develop and audit-enable an OpenEdge application.

Chapter 12 "Deploying an Audit-enabled OpenEdge Application"

Provides details about audit-enabled OpenEdge application deployment.

Chapter 13 "Maintaining Audit Data"

Describes common audit data record maintenance tasks.

Chapter 14 "Querying and Reporting on Audit Data"

Describes how to query and report on data in the audit tables.

Part IV, Appendixes

Appendix A, "Audit Data Tables"

Describes all the audit data tables.

Appendix B, "Preconfigured Audit Policies"

Describes each of the preconfigured audit policies included with OpenEdge.

Using this manual

Use this manual as the foundation resource for OpenEdge security and auditing.

You will also find information related to establishing security and auditing solutions for your database and applications in the following other manuals and help systems:

Typographical conventions

This manual uses the following typographical conventions:

Convention
    Description

Bold
    Bold typeface indicates commands or characters the user types, provides emphasis, or the names of user interface elements.

Italic
    Italic typeface indicates the title of a document, or signifies new terms.

SMALL, BOLD CAPITAL LETTERS
    Small, bold capital letters indicate OpenEdge® key functions and generic keyboard keys; for example, GET and CTRL.

KEY1+KEY2
    A plus sign between key names indicates a simultaneous key sequence: you press and hold down the first key while pressing the second key. For example, CTRL+X.

KEY1 KEY2
    A space between key names indicates a sequential key sequence: you press and release the first key, then press another key. For example, ESCAPE H.

Syntax:

Fixed width
    A fixed-width font is used in syntax statements, code examples, system output, and filenames.

Fixed-width italics
    Fixed-width italics indicate variables in syntax statements.

Fixed-width bold
    Fixed-width bold indicates variables with special emphasis.

UPPERCASE fixed width
    Uppercase words are Progress® 4GL language keywords. Although these are always shown in uppercase, you can type them in either uppercase or lowercase in a procedure.

(icon: three arrows)
    This icon (three arrows) introduces a multi-step procedure.

(icon: one arrow)
    This icon (one arrow) introduces a single-step procedure.

Period (.) or colon (:)
    All statements except DO, FOR, FUNCTION, PROCEDURE, and REPEAT end with a period. DO, FOR, FUNCTION, PROCEDURE, and REPEAT statements can end with either a period or a colon.

[ ] (large)
    Large brackets indicate the items within them are optional.

[ ] (small)
    Small brackets are part of the Progress 4GL language.

{ } (large)
    Large braces indicate the items within them are required. They are used to simplify complex syntax diagrams.

{ } (small)
    Small braces are part of the Progress 4GL language. For example, a called external procedure must use braces when referencing arguments passed by a calling procedure.

|
    A vertical bar indicates a choice.

...
    Ellipses indicate repetition: you can choose one or more of the preceding items.

Examples of syntax descriptions

In this example, ACCUM is a keyword, and aggregate and expression are variables:

Syntax
ACCUM aggregate expression  

FOR is one of the statements that can end with either a period or a colon, as in this example:

FOR EACH Customer: 
  DISPLAY Name. 
END. 

In this example, STREAM stream, UNLESS-HIDDEN, and NO-ERROR are optional:

Syntax
DISPLAY [ STREAM stream ] [ UNLESS-HIDDEN ] [ NO-ERROR ] 

In this example, the outer (small) brackets are part of the language, and the inner (large) brackets denote an optional item:

Syntax
INITIAL [ constant [ , constant ] ] 

A called external procedure must use braces when referencing compile-time arguments passed by a calling procedure, as shown in this example:

Syntax
{ &argument-name } 

In this example, EACH, FIRST, and LAST are optional, but you can choose only one of them:

Syntax
PRESELECT [ EACH | FIRST | LAST ] record-phrase 

In this example, you must include two expressions, and optionally you can include more. Multiple expressions are separated by commas:

Syntax
MAXIMUM ( expression , expression [ , expression ] ... ) 

In this example, you must specify MESSAGE and at least one expression or SKIP [ ( n ) ], and any number of additional expression or SKIP [ ( n ) ] is allowed:

Syntax
MESSAGE { expression | SKIP [ ( n ) ] } ... 

In this example, you must specify {include-file, then optionally any number of argument or &argument-name = "argument-value", and then terminate with }:

Syntax
{ include-file 
    [ argument | &argument-name = "argument-value" ] ... } 

Long syntax descriptions split across lines

Some syntax descriptions are too long to fit on one line. When syntax descriptions are split across multiple lines, groups of optional and groups of required items are kept together in the required order.

In this example, WITH is followed by six optional items:

Syntax
WITH [ ACCUM max-length ] [ expression DOWN ] 
  [ CENTERED ] [ n COLUMNS ] [ SIDE-LABELS ]
  [ STREAM-IO ] 

Complex syntax descriptions with both required and optional elements

Some syntax descriptions are too complex to distinguish required and optional elements by bracketing only the optional elements. For such syntax, the descriptions include both braces (for required elements) and brackets (for optional elements).

In this example, ASSIGN requires either one or more field entries or one record. Options available with field or record are grouped with braces and brackets:

Syntax
ASSIGN   { [ FRAME frame ] { field [ = expression ] }
            [ WHEN expression ] } ...
       | { record [ EXCEPT field ... ] } 

OpenEdge messages

OpenEdge displays several types of messages to inform you of routine and unusual occurrences:

After displaying a message, OpenEdge proceeds in one of several ways:

OpenEdge messages end with a message number in parentheses. In this example, the message number is 200:

** Unknown table name table. (200) 

If you encounter an error that terminates OpenEdge, note the message number before restarting.

Obtaining more information about OpenEdge messages

On Windows platforms, use OpenEdge online help to obtain more information about OpenEdge messages. Many OpenEdge tools include the following Help menu options to provide information about messages:

On UNIX platforms, use the Progress pro command to start a single-user mode character OpenEdge client session and view a brief description of a message by providing its number.

To use the pro command to obtain a message description by message number:

  1. Start the Progress Procedure Editor:

       install-dir/dlc/bin/pro

  2. Press F3 to access the menu bar, then choose Help→Messages.
  3. Type the message number and press ENTER. Details about that message number appear.
  4. Press F4 to close the message, press F3 to access the Progress Procedure Editor menu, and choose File→Exit.

Copyright © 2005 Progress Software Corporation