Applicable Versions: 2.01.0152 and above



Often you may wish to control which systems and/or connections a user has access to based on their username.


The DataLocation determines the location from which the setup files that define systems and connections should be loaded. If the DataLocation is set to an AppServer (see KB "How do I store my setup centrally on the server rather than on each client?"), DataPA will try and call a server-side procedure to allow you to filter the complete set of systems and connections based on the user.


Follow the steps below to filter systems and/or connections based on the user:


Step 1 - Create Filter Connections Procedure
The filter connections procedure must be called PAFilterConnections.p and reside in the PROPATH of the AppServer. The procedure receives the username as an input parameter, and a temp table containing all the available connections as an input-output parameter. You can download example server-side procedures from the downloads section.


The definitions for this procedure should be as follows:


DEFINE TEMP-TABLE ttConnections
  FIELD cName           AS CHARACTER
  FIELD cConnectionName AS CHARACTER
  FIELD bPrimary        AS LOGICAL
  FIELD bAdmin          AS LOGICAL.

DEFINE INPUT  PARAMETER ip-cUserName     AS CHARACTER NO-UNDO.
DEFINE INPUT-OUTPUT PARAMETER TABLE FOR ttConnections.


The username received by PAFilterConnections.p is the username entered by the user when DataPA connects to the AppServer, if available, otherwise the users Windows username. The ttConnections temp-table will be populated with a record for each connection of each system defined in DataPA. To prevent a user accessing a connection, simply delete the record. You can also set a single connection for each system as the default connection by setting bPrimary to true. You can also set a single connection for each system as the connection to always be used when performing administration functions by setting bAdmin to true. The following code gives an example of how to filter connections so user Nick can see only the live connection, and user Ben can see only the test system:



FOR EACH ttConnections:
  IF ip-cUserName = ""Nick"" THEN DO:
    IF ttConnections.cConnectionName = ""test"" THEN DELETE ttConnections.
  END.
  IF ip-cUserName = ""Ben"" THEN DO:
    IF ttConnections.cConnectionName = ""live"" THEN DELETE ttConnections.
  END.
END.


Step 2 - Configuring the AppServer to filter connections
To configure the AppServer to filter connections simply ensure PAFilterConnections.p is in the PROPATH for the AppServer. To modify the PROPATH of the AppServer, follow these steps:

  1. Copy the connect procedure detailed above into the PROPATH of the AppServer
  2. Start Progress Explorer
  3. Choose the AppServer
  4. Choose Action-->Properties
  5. Expand the Agent tree from the Properties dialog box and select General
  6. Modify the PROPATH to include the directory containing PAFilterConnections.p
  7. Press OK
  8. Restart the AppServer

Step 3 - Configure DataPA to filter connections
If an AppServer is configured correctly to distribute server-side security, simply set the DataLocation to that AppServer (see KB "How do I store my setup centrally on the server rather than on each client?") to configure the DataPA client to use server-side security.