M
Michael Jacobs
Guest
Hello David, Your choosing the OE Authentication Gateway as your ultimate destination is a good decision. It will give you a single point of user authentication for ABL database clients, PASOE, and OEM. The resulting Client-Principal can then be used across all of your product’s ABL components to control access to your DB and application. I think another important part of the OE Auth Gateway is that it can give your DBA Role based control of physical DB connections from all forms of ABL ( & SQL ) clients. The DBA can be in control of who can connect and from where that connection can originate from – defeating IP address spoofing and other types of DB connection spoofing. If you start by requiring your existing DB clients to use -U/-P for the initial connection, the OE Authn Gateway will be easier to integrate later. After the connection you can use Client-Principal objects to change that connection ID as needed. The OE Auth Gateway supports stronger user logins like LDAP & AD, but migrating your existing built-in security should be viable also and allow changes to be staged in smaller increments. I really don't have a good short-term idea other than the traditional port connection solutions. Hope that information helps.
Continue reading...
Continue reading...