OpenEdge Getting Started:<br />Core Business Services Authenticating and authorizing a user ID to the OpenEdge RDBMS

Release 10.1A: OpenEdge Getting Started:
Core Business Services

Authenticating and authorizing a user ID to the OpenEdge RDBMS _User table

In the Progress 4GL, can authenticate a user ID found in the OpenEdge RDBMS _User table using the following features:

User ID (-U) and Password (-P) startup parameters — Authenticates the user ID specified on the command line or in the CONNECT statement to the user IDs and passwords stored in the OpenEdge RDBMS.

SETUSERID function — Authenticates a specified user ID and password to the user IDs and passwords stored in the OpenEdge RDBMS. If authenticated, this function also asserts the user ID as the current user ID, as returned by the USERID function.

In the Progress 4GL, you can authorize an authenticated user ID for permissions specified by application resources and OpenEdge RDBMS tables and fields using the following 4GL features:

CAN-DO function — Can be used to authorize one or more specified user IDs against a list of permissions that specify whether a user can access certain procedures or features.

Can-* permissions — Specified through the OpenEdge Data Administration tools, can be used to authorize the connected user ID for table and field operations at 4GL compile time and (optionally) at run time.

For more information on authentication and authorization in the Progress 4GL, see the sections on application security in OpenEdge Development: Programming Interfaces and OpenEdge Deployment: Managing 4GL Applications .

In OpenEdge SQL, users are automatically authenticated and authorized against user IDs and SQL privileges specified in the OpenEdge RDBMS. SQL privileges are automatically available to users once they have been granted by the SQL DBA or another SQL user who has the privilege to grant them using the SQL GRANT statement. Users can be blocked from privileges by another SQL user who has the privilege to revoke them using the SQL REVOKE statement. For more information on authentication and authorization in OpenEdge SQL, see OpenEdge Data Management: SQL Development .