The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic

Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.

If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.

Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.

Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?

    Hey Guys,

    I have a Multi-Tenant Web Application scenario where I need to keep a separated Primary DB which will ONLY store the Alpha Five Framework Security tables and a table that holds the reference connection strings to all my Tenant DBs.

    The rest of the tables needed for the application will be in their respective Tenant databases.

    After a successful login, the websecurity settings will redirect me to an intermediate page which will identify the Tenant DB that the logged in user belongs to (by running a bunch of other queries) and then apply the concept of Dynamic Connection Strings introduced by alpha in V10.5 ( ).

    Now, I have reached the point where I am identifying the User and getting the DB instance for the Tenant and applying the scripts needed to the doing the dynamic connection string change. After that I redirect to a A5W page which holds a simple grid. The grid does not load and the error that is thrown clearly indicates that I am not connected to the target DB and its table.

    Has anyone worked with Dynamic Connection Strings on V12 ?
    Is it doable?

  • #2
    Re: Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?

    Hi KayBee

    I do this in an application I use for administering 20 different application all connecting to different databases

    Here I have my web security tables in 1 database. I also have a table the defines the connection strings for all the other databases. When I login I use a defined connection string pointing at the database that contains this data.

    When I select the database to work on I retrieve the connection string to connect to that database. I set Session.__protected__BSAdmin this is the underlying session variable that alpha resolves the DynamicConnection_BSADMIN alphaADO sql named connection to.

    the way you set these up is the BSAdmin part of the string is relates to the same part in the DynamicConnection_BSADMIN

    grids, UX dialogs all resolve this named connector to the session variable. to use this approach in xbasic open the database connection use something like this...

    dim dbconn as SQL::Connection
    IF a5SQLConnectionOpen(dbconn,"::Name::DynamicConnection_BSAdmin",session) = .f. THEN
    errv = "Unable to connect to selected database"
    error_generate( errv)
    END IF

    for further info the help has reasonable detail on the subject.... search for dynamic connection

    good luck


    • #3
      Re: Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?

      Thanks Garth, I got it to work.

      But here is another scenario -

      Lets say we have a different structure where my Primary DB has a single table that only that holds the reference connection strings to all my Tenant DBs. Each Tenant DBs will have its own set of the Alpha Five Framework Security tables and all other tables needed for the application.

      Each tenant will access the application using a sub domain URL such -
      and so on...

      My Index.a5w page will determine hostname URL using Request.Host and this value will be searched in the single table in the Primary DB to find out the Tenant DB. It will then do the change to dynamic connections and then redirect itself to the page holding the Login component. I tried doing this but it didn't work.

      Is it possible to change the target database before the Login component gets loaded ?


      • #4
        Re: Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?

        That looks more like you're talking about using some form of re-direction based on the URI you're connecting via

        my understanding is once you've got to the alpha appserver you're going to be running under alpha security if its enabled



        • #5
          Re: Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?


          No re-directions here. There is a single code base in my A5Webroot.

          All of the URL point to a single Index.a5w in my A5Webroot. This done my defining the sub-domains to point to my A5Webroot folder on the server.


          • #6
            Re: Multi-Tenant Web Application where the Security Framework SQL tables are separated out - Is it doable?

            Hi Kaybee

            I did some testing of the multi-tenant features recently. I setup my security tables in a SQL database that was accessed by a dynamic connection string. My testing showed that even if you set the dynamic connection string to connect to a different database (one of the tenants) before attempting login, the application would still query the original database defined in the dynamic connection string for security login.

            I believe the reason why the application does not 'see' the change to the dynamic connection string is that the security system is accessing the SQL database indirectly via those dbf link tables that you have to setup connect security to a SQL database, not directly accessing the SQL database from the query string.

            Based on my testing, for a multi-tenant application, all the security tables must be in a single 'master' database but the remainder of your tables can be in a your individual tenant databases.