OpenEdge Getting Started:<br />Core Business Services Asserting and authorizing access for a user ID validated from a trusted authentication system

Release 10.1A: OpenEdge Getting Started:
Core Business Services

Asserting and authorizing access for a user ID validated from a trusted authentication system

In the Progress 4GL, you can use the SETUSERID function to assert a current user for a user ID authenticated and stored in the OpenEdge RDBMS. However, to assert a user that is authenticated by any external trusted authentication system (independent of _User table user IDs), the 4GL and OpenEdge RDBMS provide the following elements:

Client-principal object.

SECURITY-POLICY system handle.

SET-DB-CLIENT function.

OpenEdge RDBMS authentication system and domain tables.

Together, these 4GL mechanisms allow you to assert a user from the specified authentication domain as the connected application or database user. This connected user identity can be stored and passed around an application independent of the database. For more information on managing identities for both application and database access, see Chapter 4, "Identity Management," in this manual. For more information on asserting identities as a trusted user from the 4GL, see the sections on application security in OpenEdge Development: Programming Interfaces .