_progress._sec-authentication-domain

This table registers the valid authentication system domains for this database that can be used to authenticate or validate the authentication of a user account. The authentication domain must be for a valid trusted authentication system as defined in the _sec-authentication-system table, e.g. LDAP, RSA, KEON, KERBOS, Internal, etc. The details in this table are installation specific and will be maintained by the DBA.


Table details

Area Schema Area
Dumpname _sec-authentication-domain
Label ?
Val.exp ?
Val.msg

Fields

Order Field Name x Label Datatype Format Initial Mand Description
6 _Auditing-context X Auditing context character X(500) V: e sz 70 BY 8 sv MAX-CHARS 500
D: This text will provide the Audit record context value when a _client-session record is recorded to the database. It should describe the domain's Authentication System, location, and any other identifying characteristics. While this value is optional for auditing, it is recommended that a value be filled in.
5 _Domain-access-code X Domain access code character X(500) ? V: e sz 70 BY 8 sv MAX-CHARS 500
D: This is an encrypted access-code-phrase that is used to validate the identity and integrity of any CLIENT-PRINCIPLE issued by the Authentication System represented by this domain The access-code-phrase is an encrypted string consisting of printable characters with a null terminator (including embedded spaces and tabs). The pass phrase is case sensitive and will be used to generate and validate [MD5] MAC seals in CLIENT-PRINCIPAL objects. Note that this field is encrypted for security purposes and the encryption method used must be understood by the 4GL / PVM as it must know how to decrypt the access code to validate it.
16 _Domain-category X Domain Category integer ->>,>>9 0
13 _Domain-custom-detail X Domain custom detail character X(500) V: e sz 70 BY 8 sv MAX-CHARS 500
D: This is an additional field to hold custom specific authentication domain details.
4 _Domain-description X Domain description character X(500) V: e sz 70 BY 8 sv MAX-CHARS 500
D: This is a free text description to describe the authentication domain primarily for reporting purposes.
8 _Domain-enabled X Domain enabled logical YES/NO YES V: tb
D: This is a logical field to facilitate the disabling of the domain without deleting the definition. If set to NO then authentication for this domain will be disabled. The default is YES to enable authentication for this domain.
15 _Domain-Id X Domain Id int64 ->>>>>9 0
2 _Domain-name X Domain name character X(64) ? D: This is the logical name of a single Authentication System (domain) that can be used to authenticate or validate the authentication of a user account. The 4GL or SQL will refer to this name when it begins a user authentication process or it is validating the CLIENT-PRINCIPAL object that was produced by an authentication operation performed in this domain. The domain name may be used to fully qualify a user's identity by suffixing it to the user's id using a "@" delimiter (ex: fred@ldap). This name is case sensitive.
7 _Domain-runtime-options X Domain runtime options character X(500) V: e sz 70 BY 8 sv MAX-CHARS 500
D: This field is used to define a comma delimited list of runtime options for the 4GL / PVM for this domain. The valid runtime options will depend on the domain type.
3 _Domain-type X Domain type character X(70) ? D: The name of this authentication system, e.g. LDAP, KERBOS, RSA, KEON, Internal, etc. This field must contain a value for a registered authentication system in the _sec-authentication-system table.
9 _PAM-actions X PAM actions character X(70) D: This field is only applicable to PAM plug-in authentication systems. This is a string value that holds a comma separated (no embedded spaces) list of the authentication system actions that will be performed by the PAM plug-in module. At least one value must be specified. Valid [case sensitive] values are: "account" performs account management operations. "auth" performs user authentication operations "session" performs [login] session management "password" performs user account password changes
10 _PAM-control X PAM control character X(70) D: This field is only applicable to PAM plug-in authentication systems. This is a string value that holds the PAM plug-in control information that is used by the PAM library during the user authentication process. The field is a [case sensitive] value that indicates the PAM library's behavior if the user authentication should fail. The valid values are: requisite required sufficient optional See the PAM library documentation for a fuller description
11 _PAM-library-path X PAM library path character X(70) D: This field is only applicable to PAM plug-in authentication systems. This is a string file path of where to load the PAM plug-in module from. The file path separator character is always '"/" and will be converted for Windows systems as is necessary. The value should always be a fully qualified path for security reasons. The name of the library itself is defined in the _PAM-module-name field of the _sec-authentication-system table, and this name must be added to the path.
12 _PAM-options X PAM options character X(500) V: e sz 70 BY 8 sv MAX-CHARS 500
D: This field is only applicable to PAM plug-in authentication systems. This is a string field that contains a space separated list of PAM plug-in options. The format of the field is like that used by a command-line utility but specifics must be obtained from the PAM plug-in documentation.
14 _Tenant-Name X Tenant Name character X(32) ?

Indexes

Index name Flags Fields Datatype
_Domain-name P U _Domain-name (+) character
_Domain-description _Domain-description (+) character
_Domain-enabled _Domain-enabled (+) logical
_Domain-Id U _Domain-Id (+) int64
_Domain-type _Domain-type (+) character
_Tenant-Name _Tenant-Name (+) character
+ = Ascending - = Descending P = Primary U = Unique I = Inactive W = Wordindex

generated 3-3-2025 10:54