Re: Maintaining a i5 login session (PHP)

A couple of things here:

First, you should use Location's instead of Directory's for access control as much as possible. The reason is that Location works off of the path information in the request instead of the physical location on the disk. Besides being easier to follow along in complicated configurations, this also allows for finer grained control (for example, using Location variants, you could control access to PDF files or files with certain characters elsewhere in their name).

Second, setting up SSL requires more than adding some configuration stuff to a Directory. There are two ways to do this: create a second HTTP server instance or use IP based virtual hosting. You can use the admin GUI to set up a second server instance for SSL but the admin GUI leaves a lot to be desired for maintaining sites that use virtual hosts. There are examples in the archive on how to set up SSL. If you want to use IP based virtual hosting, take a look at the version 2 documentation at http://httpd.apache.org.

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Gibbons, Michael
Sent: Monday, January 21, 2008 11:33 AM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Maintaining a i5 login session (PHP)

Thanks, I have it working now. Is it possible to limit access to a directory
to ONLY https (SSL)?

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On
Behalf Of Guillermo Andrades, CPI Software
Sent: Monday, January 21, 2008 11:06 AM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Maintaining a i5 login session (PHP)

You can put ProfileToken directive in <Directory xxxxxxx> where other Auth*
directives.

Regards,
Guillermo Andrades






On Jan 21, 2008 3:04 PM, Gibbons, Michael <bmis04@xxxxxxxxxxxxxxx> wrote:

Jim,

I am having trouble getting the ProfileToken directive in, server will
not start because it is not in the right section. Do you know where i
might get more information.

Thanks


-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Jim Dillard
Sent: Friday, January 18, 2008 7:31 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Maintaining a i5 login session (PHP)

Michael,
Try this:
http://www.zend.com/support/knowledgebase.php?kbid=258&view_only=1.

Regards,
Jim Dillard

---------------------------------------------
Jim Dillard
IBM Alliance Manager
Zend Technologies, Ltd.
408-342-8886
JDillard@xxxxxxxx

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Gibbons, Michael
Sent: Friday, January 18, 2008 6:02 AM
To: 'Web Enabling the AS400 / iSeries'
Subject: [WEB400] Maintaining a i5 login session (PHP)

Hello,



I am interested in creating an application using PHP that uses an I5
login (validate I5 Credentials) and maintains a session for that logon
while serving up other pages.



Does anyone have any ideas on where to start? I believe I can validate
the
i5 credentials using _i5Connect but I am unsure on how to safely and
securely maintain a session.



Anyone know of some examples?



THANKS IN ADVANCE!

--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To
post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/web400.

--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To
post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/web400.

No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.19.7/1232 - Release Date:
1/18/2008
7:32 PM

--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To
post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/web400.

--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To post a
message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list
options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/web400.
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.