Progress
Report Builder
Deployment Guide


Using Password Security

To add security for user passwords with the table interface, use the aderb/_rbpwenc.p procedure to encode the passwords, then specify the Encoded Password (-rbP) parameter in the database connection string either on the command line or in the RB-DB-CONNECTION field of the Report Engine table. When you use the -rbP parameter, Report Engine accepts encoded passwords and deciphers the encoding. You can specify -rbP either on the command line or in place of the Password (-P) parameter in the RB-DB-CONNECTION field of the Report Engine table.

Progress Software Corporation supplies the compiled code for the _rbpwenc procedure. The procedure accepts two character arguments:

The password.p. procedure shows how to use the aderb/_rbpwenc procedure:

password.p
DEF VAR encodepw AS CHARACTER.

DO TRANSACTION:

  CREATE RBREPORT.

  ASSIGN
    RBREPORT.RB-REPORT-LIBRARY = "rbsample.prl"
    RBREPORT.RB-REPORT-NAME = "Customer Discount"
    RBREPORT.RB-PRINT-DESTINATION = "D".
    RELEASE RBREPORT.
END.

RUN aderb/_rbpwenc.p ("password", OUTPUT encodepw).

RUN aderb/_prore.p (FALSE, "-db sample.db -S demosv1 
  -H localhost -N tcp -rbdel -U username -rbP " + encodepw ). 

CAUTION: Although _rbpwenc encodes users’ passwords making it more difficult for a user to obtain the password required to connect to a database, other users can still copy the encoded password and use it to generate their own reports. Progress Software provides _rbpwenc to make your password more secure, but it does not guarantee that _rbpwenc is unbreakable.

Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095