Release 10.1A: OpenEdge Reporting:
Report Builder Deployment

Using password security

To add security for user passwords with the table interface, use the aderb/_rbpwenc.p procedure to encode the passwords, then specify the Encoded Password (-rbP) parameter in the database connection string either on the command line or in the RB-DB-CONNECTION field of the Report Engine table. When you use the -rbP parameter, Report Engine accepts encoded passwords and deciphers the encoding. You can specify -rbP either on the command line or in place of the Password (-P) parameter in the RB-DB-CONNECTION field of the Report Engine table.

Progress Software Corporation supplies the compiled code for the _rbpwenc procedure. The procedure accepts two character arguments:

An input argument, which is the password.
An output argument, which is the encoded password.

The password.p. procedure shows how to use the aderb/_rbpwenc procedure:

password.p

DEF VAR encodepw AS CHARACTER. DO TRANSACTION: CREATE RBREPORT. ASSIGN RBREPORT.RB-REPORT-LIBRARY = "rbsample.prl" RBREPORT.RB-REPORT-NAME = "Customer Discount" RBREPORT.RB-PRINT-DESTINATION = "D". RELEASE RBREPORT. END. RUN aderb/_rbpwenc.p ("password", OUTPUT encodepw). RUN aderb/_prore.p (FALSE, "-db sample.db -S demosv1 -H localhost -N tcp -rbdel -U username -rbP " + encodepw ).

Caution: Although _rbpwenc encodes users’ passwords making it more difficult for a user to obtain the password required to connect to a database, other users can still copy the encoded password and use it to generate their own reports. Progress Software provides _rbpwenc to make your password more secure, but it does not guarantee that _rbpwenc is unbreakable.