OpenEdge Getting Started:<br />Core Business Services Progress 4GL applications

For Progress 4GL application development, OpenEdge supports the following security features from directly within the 4GL:

General user authentication through user ID and password validation to support other security features. For more information on user authentication features, see the "Core user authentication and authorization" section.

Database connection authorization to ensure authorized access to a database.

Data privacy using the Secure Sockets Layer (SSL) between 4GL client socket objects and supported socket servers, and between supported socket clients and 4GL server socket objects; also between the 4GL client and database, and between the 4GL client and AppServer. For more information on SSL in OpenEdge, see the "Application network security using SSL" section.

Schema authorization to ensure that only authorized users can modify table, field, and index definitions.

Compile-time authorization to ensure that only authorized users can compile procedures that perform specific database table and field accesses.

Run-time authorization to ensure that only authorized users can run specific precompiled procedures and to otherwise provide feature authorization by defining activities-based security validation; also to ensure that only authorized users can run procedures that perform specific database table and field accesses.

Cryptography to ensure that unauthorized users cannot read or change data. For more information on cryptography and the cryptographic features of the 4GL, see Chapter 3, " Cryptography."

Caution: Progress Software Corporation recommends that you use the cryptographic features of the 4GL only if you have a well-grounded understanding of cryptography and its usage. Use of cryptography without the necessary preparation can result in permanent data loss. In general, cryptography can have significant negative impact on application performance and decrease effective data compression for data stored in a database. For more information on managing data encryption and decryption, see the “Security” white paper prepared by the Progress Software Corporation Marketing Department, which can be found on the PSDN Web site.