What I am trying to do?

Implement Authorization feature into an existing application. The authorization feature will be Role Based Access. User will see an error page if they try to access an unauthorized page.


Since I have about 200 programs (.htm + .p + .w + .i) within my application it has become a challenge for me to implement an authorization feature. I would like to implement this functionality at a Functional level instead of a Page level (since the number is 200). But currently I can't think of a solution at a Functional level. The only thing that I can think off right now is to have a Page level security i.e. store all the page names into a database and then associate each page with an appropriate role. Let's say if I do implement Page level security I will have to create another management page where administrator can assign available roles to individual pages. But this will lead to confusion and maintenance issues as there are about 200 pages and the application will continue to grow. Plus the user (administrator) might not know the details of a program. For example: What it does and How it is used?

I am open to suggestions and would be very happy if someone could answer my below question.

What is the preferred way to implement an Authorization feature into a WebSpeed based application?


The existing code is 100% procedural and there's no Object-Oriented Programming used.


Progress Version: 10.2A (but have access to 10.2B)

WebSpeed, HTML, CSS, Ajax