Interesting options - basic authentication, Kerberos that maps with EIM, validation lists (no profile involved other than CGI default or as set in httpd.conf), LDAP (I think it's not really the same as Kerberos - just saw it listed in a V5R3 document).

There are environment variables that CAN have some of this info and provide fodder for swapping profile in the CGI program.

I've contacted IBM to see if there's something already in the works.


On 5/27/2014 11:01 AM, Brian May wrote:
Yes, our product can maintain a persistent CGI connection. So the user's web session is tied to a specific job running in the HTTP server. We swap the user profile of that job to the logged in user, allowing all DB2 and object level security to be honored.

Doing this does not necessarily mean you MUST have a persistent connection. Any job can switch profiles. The interesting part is passing, storing, and validating credentials in a secure manner.

Brian May
IBM i Modernization Specialist
Profound Logic Software
937-439-7925 Phone
877-224-7768 Toll Free

Modernization Made Easy!

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Nathan Andelin
Sent: Tuesday, May 27, 2014 9:54 AM
To: Midrange Systems Technical Discussion
Subject: Re: row and column access in 7.2 and web applications


I can offer a license to our Web Portal, which has a menu system, where each menu item can be configured to launch separate application instances
(Jobs) for each user, and run under that user's IBM i profile.

Profound UI may offer something similar, via their persistent CGI interface, but I'm not sure.

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page