Application security
- Last Updated: March 30, 2020
- 1 minute read
- OpenEdge
- Version 12.2
- Documentation
OpenEdge supports application implementation of the following features for securing an application running on PAS for OpenEdge:
- Authenticating users to PAS for OpenEdge at connect time.
- Authenticating and transporting an application user identity across the ABL sessions of an n-tier application, and maintaining user identity context for both session-managed and session-free applications. For information about transporting (exporting and importing) user identity, see OpenEdge Programming Interfaces.
- Authorizing user or client access to PAS for OpenEdge ABL application
procedures using access control lists implemented using the
EXPORT( )method on theSESSIONsystem handle. - Using PAS for OpenEdge to intelligently filter access to database resources for clients (instead of simply "passing through" client access to database tables and fields).
- Generating PAS for OpenEdge activity audit trails.
- Using run-time compilation and other dynamic resources to dynamically configure and run ABL application procedures according to application security constraints. This feature can also make use of encrypted source code to secure the source for run-time compilation (see Secure source code).