PAS for OpenEdge Web applications derived from oeabl.war use the Java Web application security in the Spring Security framework to provide industry-proven secure user authentication, login sessions, Cross-origin resource sharing (CORS) support and Role Based Access (RBA) authorization to URL resources. Beginning in the 11.6 release of OpenEdge, the Spring Security framework security features are expanded to secure client access to WebSpeed applications.

The focus of this paper is on securing a PAS for OpenEdge WebSpeed application WEB transport, and using the client-principal within ABL code.