The ABL mechanisms for asserting the auditing ID depend on how you authenticate and assert user IDs. These mechanisms include several ABL elements, including:

  • The ABL SETUSERID function, CONNECT statement, and the User ID (-U) and Password (-P) startup parameters used to authenticate and set database connection IDs using the OpenEdge internal authentication system (_User table)
  • The client-principal object used to represent and, together with a trusted authentication domain registry, validate an externally authenticated user ID as a database connection ID or OpenEdge session ID
  • The ABL SET-DB-CLIENT function and the SET-CLIENT( ) method on the SECURITY-POLICY system handle used to assert and validate an externally authenticated user ID represented by a client-principal object

The following sections describe the use of these elements in the context of auditing. For more information on using these mechanisms to assert user identities in application code, see Application Security.

This section describes the following basic application scenarios and the ABL elements you can code to assert the auditing ID for a given audit-enabled database: