OpenEdge authorization models
- Last Updated: January 16, 2024
- 1 minute read
- OpenEdge
- Version 12.8
- Documentation
OpenEdge supports two basic authorization models, both of which rely on different types of access control lists (ACLs):
-
SQL model — Where all access to database resources is denied by default and must be
granted to a user identity as a privilege using a
GRANTstatement. This privilege can later be revoked using aREVOKEstatement. For more information on the SQL model, see OpenEdge Data Management: SQL Development and OpenEdge Data Management: SQL Reference. -
ABL model — Where all access to database resources is granted by default, and must be
specifically limited in order to deny access to particular tables and fields. These access
controls can be configured by editing table and field permissions in data security using the
database administration tools. These permissions can control access to a database through:
- Database command-line utilities
- Database administration tools
- ABL clients
You can also manually control access to ABL application features using the
CAN-DOfunction by checking a given user ID against permissions that are similar to those used to control access to tables and fields.