For ABL application development, OpenEdge supports the following security features from directly within ABL:

  • User authentication through user ID and password validation to support authorized access to databases and other security features. For more information on user authentication features, see Core user authentication and authorization.
  • Data privacy using the Secure Sockets Layer (TLS) between ABL client sockets and supported socket servers, between supported socket clients and ABL server sockets, between the ABL clients and databases, and between ABL clients and PAS for OpenEdge instances. For more information about TLS in OpenEdge, see Application network security using TLS.
  • Compile-time authorization (the OpenEdge default) to ensure that only authorized users can compile procedures that perform specific database table and field accesses.
  • Optional run-time authorization to ensure that only authorized users can run specific precompiled procedures and to otherwise provide feature authorization by defining activities-based security validation; also to ensure that only authorized users can run procedures that perform specific database table and field accesses. You can also set an authorization key in an OpenEdge database using the DBAUTHKEY option of the OpenEdge PROUTIL utility to prevent unwanted precompiled procedures that have already passed compile-time authorization from running against the database.
  • Cryptography to ensure that unauthorized users cannot read or change data. For more information about cryptography and the cryptographic features of ABL, see Cryptography.
    CAUTION: Progress Software Corporation recommends that you use the cryptographic features of ABL only if you have a well-grounded understanding of cryptography and its usage. Use of cryptography without the necessary preparation can result in permanent data loss. In general, cryptography can have significant negative impact on application performance and decrease effective data compression for data stored in a database.
  • Auditing for OpenEdge databases, database utilities, SQL applications, and ABL applications that records a non-repudiatable audit trail of both pre-defined database events and ABL-defined (or SQL-defined) application events. For more information, see Secure auditing.

For more information on authorization, see Core user authentication and authorization. For more information on security features of ABL, see OpenEdge Programming Interfaces.