Kbase P147947: 4GL/ABL: How to CREATE a CLIENT-PRINCIPAL object?
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
11/23/2009 |
|
Status: Verified
GOAL:
4GL/ABL: How to CREATE a CLIENT-PRINCIPAL object?
GOAL:
How to use the REGISTER-DOMAIN( ) method to CREATE of a CLIENT-PRINCIPAL object?
GOAL:
How to use the LOCK-REGISTRATION( ) method to CREATE of a CLIENT-PRINCIPAL object?
GOAL:
How to call the SET-CLIENT( ) method of the SECURITY-POLICY system handle?
GOAL:
How to use the SET-CLIENT( ) method of the SECURITY-POLICY system handle to set the default USERID for the ABL session?
GOAL:
How to set the value of an application-defined property associated with an unsealed CLIENT-PRINCIPAL object?
GOAL:
How to get the value of an application-defined property associated with an unsealed CLIENT-PRINCIPAL object?
GOAL:
How to register an authentication domain in the application?s trusted authentication domain registry using the REGISTER-DOMAIN( ) method of the SECURITY-POLICY system handle?
GOAL:
How to lock the registration of an application?s authentication domain for the remainder of the session using the SECURITY-POLICY system handle's LOCK-REGISTRATION( ) method?
FACT(s) (Environment):
All Supported Operating Systems
OpenEdge 10.1x
OpenEdge 10.2x
FIX:
The following sample code, demonstrates, how to:
1. Use the REGISTER-DOMAIN( ) and the LOCK-REGISTRATION( ) methods of the SECURITY-POLICY system handle to CREATE a CLIENT-PRINCIPAL object.
2. CREATE a CLIENT-PRINCIPAL object and use the SET-CLIENT( ) method of the SECURITY-POLICY system handle.
3. Set the default USERID for the ABL session using the SET-CLIENT( ) method of the SECURITY-POLICY system handle.
4. Set the value of an application-defined property associated with an unsealed CLIENT-PRINCIPAL object.
5. Get the value of an application-defined property associated with an unsealed CLIENT-PRINCIPAL object.
6. Register an authentication domain in the application?s trusted authentication domain registry using the REGISTER-DOMAIN( ) method of the SECURITY-POLICY system handle.
7. Lock the registration of an application?s authentication domain for the remainder of the session using the SECURITY-POLICY system handle's LOCK-REGISTRATION( ) method.
Additionally, the procedure displays some of the attributes and methods for the SECURITY-POLICY system handle and the CLIENT-PRINCIPAL object.
IMPORTANT NOTE: Before running this code, the Trust Application Domain Registry Security Option must be turned on. To turn on the Trust Application Domain Registry Security Option, go to the Admin > Database Options of the Database Administration Tool and check the Trust Application Domain Registry check box. Save this code as ProcedureName.p and it run successfully without a database connection using the command: prowin32 -p ProcedureName.p:
DEFINE VARIABLE pcUser AS CHARACTER NO-UNDO.
DEFINE VARIABLE gcDomainName AS CHARACTER NO-UNDO.
DEFINE VARIABLE gcDomainKey AS CHARACTER NO-UNDO.
DEFINE VARIABLE ghCP AS HANDLE NO-UNDO.
DEFINE VARIABLE lOK AS LOGICAL NO-UNDO.
ASSIGN
gcDomainName = "myAuthenticationSystemDomainName"
gcDomainKey = "myAuthenticationSystemDomainAccessCode"
pcUser = "JackInTheBox".
SECURITY-POLICY:REGISTER-DOMAIN (gcDomainName,gcDomainKey).
SECURITY-POLICY:LOCK-REGISTRATION.
CREATE CLIENT-PRINCIPAL ghCP.
ghCP:SET-PROPERTY("Eye-Color", "Green").
ASSIGN
ghCP:USER-ID = pcUser
ghCP:DOMAIN-NAME = gcDomainName
ghCP:SESSION-ID = SUBSTRING(BASE64-ENCODE(GENERATE-UUID),1,22).
lOk = ghCP:SEAL(gcDomainKey).
MESSAGE "SEAL(gcDomainKey):~t" lOk
VIEW-AS ALERT-BOX INFO BUTTONS OK.
lOk = ghCP:VALIDATE-SEAL(gcDomainKey).
MESSAGE "VALIDATE-SEAL(gcDomainKey):~t" lOk
VIEW-AS ALERT-BOX INFO BUTTONS OK.
lOk = SET-DB-CLIENT(ghCP).
MESSAGE "SET-DB-CLIENT:~t" lOk
VIEW-AS ALERT-BOX INFO BUTTONS OK.
lOk = SECURITY-POLICY:SET.-CLIENT (ghCP).
MESSAGE "SECURITY-POLICY:SET-CLIENT:~t" lOK
VIEW-AS ALERT-BOX INFO BUTTONS OK.
MESSAGE
"~t~tSELECTED CLIENT-PRINCIPAL ATTRIBUTES VALUES" "~n"
"CLIENT-PRINCIPAL DOMAIN-NAME: ~t" ghCP:DOMAIN-NAME "~n"
"CLIENT-PRINCIPAL LOGIN-STATE: ~t" ghCP:LOGIN-STATE "~n"
"CLIENT-PRINCIPAL SESSION-ID: ~t" ghCP:SESSION-ID "~n~n"
"~t~tSELECTED CLIENT-PRINCIPAL METHODS RETURN VALUES" "~n"
"CLIENT-PRINCIPAL AUTHENTICATION-FAILED( ): ~t" ghCP:AUTHENTICATION-FAILED( ) "~n"
"CLIENT-PRINCIPAL GET-PROPERTY ('Eye-Color'):~t" ghCP:GET-PROPERTY("Eye-Color") "~n"
"CLIENT-PRINCIPAL LIST-PROPERTY-NAMES(): ~t" ghCP:LIST-PROPERTY-NAMES( )
VIEW-AS ALERT-BOX INFO BUTTONS OK..