WebSpeed
Product Update Bulletin


AdminServer Security Enhancement

Progress Version 9.1D and WebSpeed Version 3.1D have optional functionality that allows access to the AdminServer based on a user’s membership in a group that has the appropriate privileges to perform AdminServer operations. This level of security is known as authorization.

Prior versions of Progress and WebSpeed supported authentication. Authentication allows validation of a user’s identity by requiring a username and password. Authorization defines what users can do after they successfully log in. If authorization is enabled, users must belong to a group that has privileges to perform AdminServer operations. WebSpeed developers, for example, usually require access to the AdminServer for controlling and configuring databases, brokers, agents, NameServers, and messengers. Those developers would have to belong to a group that is defined to allow them to perform AdminServer tasks.

Authorization is optional. You choose to enable or disable authorization during installation. If you choose to disable authorization, the AdminServer functions as it did in prior versions of Progress and WebSpeed. There is no authorization (group checking) of users. If you choose to enable authorization, the installation prompts for a list of groups that have privileges to perform AdminServer tasks. Creating groups and determining group membership should be done prior to the installation.

Manuals:


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095