Client principal issues

Posted by jmls on 24-Jun-2011 08:33

I know that I am being thick here. I've had this working before, hell, it's in use in an app that's live right now.

But can I get this to work ? No. And I'm ready to jump out of the window .. 

def VAR ClientPrincipal as handle no-undo .
security-policy:register-domain("hash42","abc").
security-policy:lock-registration().

CREATE CLIENT-PRINCIPAL  ClientPrincipal.
assign ClientPrincipal:session-id  = "1234"
       ClientPrincipal:user-id     = "julian"
       ClientPrincipal:domain-name = "hash42".
ClientPrincipal:seal("abc":U).
message ClientPrincipal:login-state view-as alert-box.
security-policy:SET-CLIENT(ClientPrincipal).

what is wrong with this code ? Fire up a standard progress session, connect to a single database, and paste into the editor and run. I get a 13690 error

Failed  client principal validation (13690)
This error message is associated with a client principal validation failure due to an unknown reason.

is this me, or Progress ?

The database has no authentication systems defined, and the _user table has a single user "sysprogress" record (so that SQL can get access)

What do I need to do ? Ta!

OpenEdge Development - Forum

All Replies

Posted by Mike Ormerod on 24-Jun-2011 08:42

Did you set the database security options to accept "Trust Application Domain Registry" ?

Posted by Mike Ormerod on 24-Jun-2011 08:47

This may also help : http://download.psdn.com/media/exchange_online_2010/1034SarahMarshall.wmv

Posted by Peter Judge on 24-Jun-2011 08:49

I usually do a clientprincipal:Validate-seal() first, since the messages from that are more meaningful than the ones coming from set-client().

PS the code works for me, without any DB connected.

-- peter

Posted by jmls on 24-Jun-2011 08:49

urgh. nooooooooooooooooooooooooooooooooo .....

smack

that's a couple of wasted hours.

Thanks for the help.

Perhaps the error message could say "oi! dummy! have you checked the

"Trust Application Domain Registry" option" instead of "unknown

error" ...

Posted by Peter Judge on 24-Jun-2011 08:54

Perhaps the error message could say "oi! dummy! have you checked the

"Trust Application Domain Registry" option" instead of "unknown

error" ...

It's more secure when you don't know what's wrong and so can't hack in ... (Kidding! Kidding!)

-- peter

Posted by Mike Ormerod on 24-Jun-2011 08:55

Glad it worked! I'll pass on your new error message to the engineering team :-)

This thread is closed