Progress
Portability Guide


Security

Progress table and field security checking can be based on user IDs. UNIX assigns a user ID to each user; Windows does not unless security has been implemented. However, you can use Progress security with Windows by prompting the user for a user ID and password as part of the login process.

To obtain the current user ID, use the Progress USERID function. Use this function when you want to allow only one user ID to a procedure.

On operating systems where security has been implemented, the USERID function returns the user ID of the user executing the function. In Windows where security is not implemented, the function returns a null value. While blank user IDs can connect to the database, they cannot access data protected by compile-time and run-time security.

After Progress starts running, you can use the SETUSERID function to change the current user ID. The SETUSERID function returns a true value and assigns the user ID to the user if the user ID and password are in the _User table. If the user ID is not in the _User table or the password is incorrect, SETUSERID returns a false value and does not assign the user ID to the user.

You can also use the CAN-DO function to perform security checking. The CAN-DO function compares the current user ID with a list of users who have permission to access a specified file.

For more information on the USERID, SETUSERID, and CAN-DO functions, see the Progress Language Reference.

User IDs and Progress passwords are case sensitive. For more information on security and user IDs, see the Progress Database Administration Guide and Reference and the Progress Programming Handbook.

Using DataServers involves following the security guidelines required by both Progress and ORACLE, SYBASE, C-ISAM, and DB2/400. By default, Progress does not impose security on databases (it only allows unrestricted access to databases), so at a minimum, you must follow the guidelines required for your application. See the appropriate Progress DataServer Guide for more information on security.


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095