OpenEdge 10.1B introduced a new Option to the Data Administration (Windows) user interface or the Data Dictionary (Unix) user interface under the Admin menu: Database Options, a toggle box option to select Disallow Blank Userid.
- When enabled, the database will only allow connections from a user if the user provides a username and password.
In previous versions, only the Disallow Blank Userid Access Option under the Admin > Security menu was available.
- When enabled, this Option adds the "!,*" value to table security information to prohibit a blank user from accessing table data.
- When a non-blank user connects to the database then that user will be able to access data within the database tables.
- A non-blank user who already has access to table data can write and compile code against the table. The userid of the user who compiled the code is embedded in the r-code. From that point forward, that code will always be able to access the table(s) data unless "Database Options > Disallow Blank Userid" prohibits a blank user connection.
Without Blank Userid Security enabled, when a user connects to a database with the default blank user identity, the user potentially has full access to the database. To prevent users with a blank user ID from gaining unauthorized access to an OpenEdge database, one of the following two options (or both) may be chosen starting with OpenEdge 10.1B:

Option 1: Disallow Blank User (run-time) security
Admin > Database Options > Disallow Blank Userid
Setting the Database Option to Disallow Blank Userid Connections, in which case the User ID (-U) parameter and a non-blank user ID and password are required to connect to the database.

Option 2: Disallow Blank User (compile-time) security
Admin > Security > Disallow Blank Userid Access
Setting the Security Option to Disallow Blank Userid Access prevents a blank user from writing and compiling code against tables if that user does not have rights to the table. However, application code which was compiled by an authorized user can still be run against the database even if the current user does not supply a user ID and password.
The first Option, Disallow Blank User (run-time) security, prevents blank users from connecting to the database in certain, but not all, scenarios.
The second Option, Disallow Blank User (compile-time) security, prevents blank users from accessing any data in the database by explicitly revoking blank user ID access to all data in the database.
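As an added example (not code from the KB article or from Progress), the ABL procedure below lets a Security Administrator verify what Option 2 is supposed to leave behind: it scans the `_File` metaschema table of the connected database and reports every user table whose `_Can-Read`, `_Can-Write`, `_Can-Create` or `_Can-Delete` list lacks the bare "!" entry that the "!,*" value uses to deny the blank user. It assumes `_File._Tbl-Type = "T"` selects user tables and that a permission list without "!" (such as the default "*") still admits the blank user ID.

```abl
/* Added audit check, not part of the original article.
   Assumption: a _Can-* list containing a bare "!" entry (as in "!,*")
   denies the blank user; a list without it still admits the blank user. */
DEFINE VARIABLE cList  AS CHARACTER NO-UNDO.
DEFINE VARIABLE cWhich AS CHARACTER NO-UNDO EXTENT 4
    INITIAL ["Read", "Write", "Create", "Delete"].
DEFINE VARIABLE i      AS INTEGER   NO-UNDO.
DEFINE VARIABLE iOpen  AS INTEGER   NO-UNDO INITIAL 0.

/* _Tbl-Type = "T" restricts the scan to user tables (assumption),
   skipping the metaschema and virtual system tables. */
FOR EACH _File NO-LOCK WHERE _File._Tbl-Type = "T":
    DO i = 1 TO 4:
        CASE i:
            WHEN 1 THEN cList = _File._Can-Read.
            WHEN 2 THEN cList = _File._Can-Write.
            WHEN 3 THEN cList = _File._Can-Create.
            WHEN 4 THEN cList = _File._Can-Delete.
        END CASE.
        /* LOOKUP returns 0 when no comma-separated entry equals "!" */
        IF LOOKUP("!", cList) = 0 THEN DO:
            iOpen = iOpen + 1.
            PUT UNFORMATTED
                _File._File-Name " " cWhich[i] " " QUOTER(cList) SKIP.
        END.
    END.
END.

PUT UNFORMATTED SKIP iOpen
    " permission list(s) still admit a blank user ID." SKIP.
```

Run it from the Procedure Editor while connected as a Security Administrator after applying Option 2; an empty report means every user table carries the blank-user denial.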
These two Options together provide the most comprehensive protection from unauthorized access by a blank user. In addition, the Database Option "Use Runtime Permissions Checking" can be enforced. For further information refer to Article:
Non-blank user IDs must be assigned to the Security Administrator Role before restricted access to blank users is applied.
Always take a database backup prior to undertaking any maintenance, especially in this area of security.