× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WEB400
  3. June 2009

Re: Reusing User ID and Password with Zend i5_Program_Call

Shannon,

I responded on the Zend forums and thought I'd copy that response here.

Here is what I'm doing, not sure if it is the best but it is what I'm doing.

I use a generic login for all of the connections to the 400. This login has the initial menu set to *SIGNOFF.
When a user enters a username/password I call an RPG program passing these as parameters. In the RPG program I call QSYGETPH to see if the combination is valid, if it is I set a flag and store it in the session, along with the username discarding the password (this wouldn't work if your object security required the specific user to connect). I also check the number of invalid password attempts before checking the password so the user cannot disable themselves from the web login (I didn't want to have to deal with re-setting accounts disabled this way.) by calling QSYRUSRI.

You could however store the username and password in the session which will be stored on the IFS. This may or may not be a concern depending on how your IFS is secured (or not secured :-) ).

I'm not sure if that answers your question. If not let me know what needs clarification or an example.

Scott

Shannon ODonnell wrote:
Here's my scenario:


I have the user log in with their i5 user id/password with a PHP script.


I then take the user to a new page, and I have them enter a search string.
I take that search string and I pass it to an RPG program using
i5_Program_Call. Now...as you know, the i5_Program_Call requires the user
to log in first, that is, the php page needs to establish a connection to
the server before doing a i5_program_call.

But in this case, the user logged in on a previous php page which, since
this is basically all stateless, the iSeries and the PHP server know nothing
about.

I do not want to force the user to log in again on this page to do their
search, and I don't want to store that user ID and password in the PHP
script either. So how can I accomplish this?


What does the rest of the community do to reuse the id and password with PHP
like this?


Shannon O'Donnell



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.