Security issues – PB Docs 70

Security issues

When you develop a component for deployment to MTS, you can
define roles that determine which users or groups of users are authorized
to perform specific transactions. Then when you deploy the component,
you assign roles to specific users in the MTS Explorer.

Enabling authorization in the Project painter or

When you create a COM/MTS project using a wizard,
you can instruct MTS to check the security credentials of any client
that calls the component. In the Project painter, you can specify
checking at both the component and package level on the MTS Component
and MTS Package property pages.

Programmatic security

PowerBuilder provides functions on the transaction service object
that you can use in the component to determine programmatically
whether the caller is authorized to call a specific method. IsSecurityEnabled
determines whether security is enabled for the component. IsCallerInRole
determines whether the client process or server process calling
a method on the component is in a role that is authorized to call


IsCallerInRole looks at the role of the direct caller of the
current method. If a client calls a method on a component, and that
method accesses a database, the access rights to the database are
determined by the security context of the component, not the client. PowerBuilder provides
additional functions on the transaction service object to enable
the component to assume the security context of the client before
performing an operation that the client may not be authorized to
perform. ImpersonateClient assumes the security context of the client,
IsImpersonating determines whether the component is running in its client’s
security context, and RevertToSelf restores the component’s
security context.

Document get from Powerbuilder help
Thank you for watching.
Was this article helpful?
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x