Creating the GAM repository for the first time from GeneXus

When you set the Enable Integrated Security Property for the first time in a knowledge base, the following happens:

1. GAM External objects are imported into the KB.

External objects are used to access the GAM API and are consolidated in the GAM_Library folder. 

GAM Examples are consolidated in the GAM_Examples folder depending on the options selected during the GAM Activation Process.

2. A secondary datastore is created for storing GAM information.

This datastore is called "GAM" and is created following these criteria:

If the Reorg Datastore is a SQLserver datastore, the default values for "GAM" datastore are as follows:

  • Database Name is the same as the Database Name of the Reorganization datastore.
  • Database Schema: This property is set to "gam" by default.

The GAM repository will be located by default in the same database as the default database; however, the schema will be another one named "gam".
If the Reorganization Datastore is MySQL, the default value for "GAM" datastore is as follows:

  • Database Name: by default it is set to <Default datastore database name>_gam.

The GAM repository will be under a different database by default.
In an Oracle database, GeneXus does not set any default value for the Database Name; this value must be set by the user.


The GAM reorganization process, in addition to the registration of GAM applications and the generation of permissions, is performed inside GeneXus using ADO. NET. That's why the GAM datastore has to be configured for ADO. NET connection (Access Technology = ADO. NET) even if the application is Java. When the application is generated in Java, both connections (Java and ADO. NET) have to be configured.

The GAM version is GAM database version 4.0.2.

3. After pressing F5, a connection to the database is established  

After pressing F5, a connection is established to the database specified in GAM datastore (using the connection properties of this datastore: database name, user ID, user password), checking for the existence of some tables and GAM version.

Given that these tables don't exist, the GAM database tables are created. So, the following happens:

  • The GAM database and all its tables are created. Before the tables are created, the user is asked if he/she wants to create the GAM database structure.


4. Metadata is initialized.

Tables are populated with metadata.

The GAM Manager Repository and the working Repository are created.

Also, the administrator user and the connection user are created. The default GAM Security Policy is created, as well as the default AuthenticationType: GAM Local Authentication Type. The default GAM Roles are created.

5. Registration of GAM Applications is executed.

The GAM Backend Application is created. It's populated with some permissions to allow building the Menu of the GAM Web Backoffice.

An Application is created for the Web model, and one Application is generated for each Main SD object.

Also, GAM Permissions are generated (if Integrated Security Level property = Authorization).