


Good tip on authenticroast. I've bookmarked that in case this comes up in
the future.

Thanks for sharing.
Todd




From: "Joe Sam Shirah" <joe_sam@bellsouth.net>
Sent by: java400-l-bounces@midrange.com
To: "Java Programming on and around the iSeries / AS400" <java400-l@xxxxxxxxxxxx>
cc:
Date: 2010-06-11 14:43
Subject: Re: Prompting for iseries user ID and password on a web application
Please respond to: Java Programming on and around the iSeries / AS400 <java400-l@midrange.com>







Hi,

Excuse my Americanism, I don't know if your first name is Lim or
Hock-Chai.

While I don't disagree with Matt's response on downsides, I understand
the reasoning for a single set of credentials, and if it's a user
requirement, there you go.

If your app server versions support JSR-196, there's a project that
allows you to use form based and other container managed security with any
method(s) of authentication and authorization that you want:

http://code.google.com/p/authenticroast/

I used it in a situation where US employees were validated from Active
Directory, and employees of other subsidiaries used a different method to
validate credentials. Since most containers are set up for a single type
of authentication, it really looked like trouble, but was a user requirement.

AuthenticRoast worked out really well for me. The container notifies
your method, you do whatever to validate and send back the result, and
that's pretty much it. In your case, you can use JTOpen methods to
validate AS/400 credentials. You could also simulate what I did by first
using your "normal" method, then trying the AS/400 if the first way fails.

The downside, of course, is that you have to provide the code for
actual authentication. For me, that meant learning code to deal with Active
Directory, which was previously handled by the container; I only had to
give configuration info. Still, I would suggest looking into it, and the
developer responds to questions (at least for me.)

HTH,


Joe Sam

Joe Sam Shirah - http://www.conceptgo.com
conceptGO - Consulting/Development/Outsourcing
Java Filter Forum: http://www.ibm.com/developerworks/java/
Just the JDBC FAQs: http://www.jguru.com/faq/JDBC
Going International? http://www.jguru.com/faq/I18N
Que Java400? http://www.jguru.com/faq/Java400

----- Original Message -----
From: "Haas, Matt (CL Tech Sv)" <matt.haas@xxxxxxxxxxx>
To: <java400-l@xxxxxxxxxxxx>
Sent: Friday, June 11, 2010 1:16 PM
Subject: RE: Prompting for iseries user ID and password on a web
application


The easiest way is to set up your HTTP server to use Basic Authentication
to password protect things. Once that is done, the user name that was
entered will be available in the remote user environment variable.

That said, it's generally not good to use user profiles for web sites
because you open the system up to hacking by providing credentials that
mean something to the base OS.

Also, there isn't a way to change passwords when they expire or reset
profiles when they get disabled from too many invalid login attempts
which will likely result in additional support calls.

Matt

----------------------------------------------------------------------

message: 1
date: Fri, 11 Jun 2010 10:12:00 -0500
from: "Lim Hock-Chai" <Lim.Hock-Chai@xxxxxxxxxxxxxxx>
subject: Prompting for iseries user ID and password on a web
application

There is a new business requirement where I've to make a modification to
one of our web apps to now prompt for iseries user ID and password before
allowing the user to access the application. Does anyone know if there is
already a pre-built tool (in jt400?) that can already do that for me or
I've to pretty much create one?

Thanks
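
The JTOpen check suggested in the thread, with the "normal method first, then AS/400" fallback and the expired/disabled cases Matt raises, as an added example that is not code from any poster or from AuthenticRoast. The class name, the `Result` enum, the `primary` callback and the host parameter are hypothetical; the `AS400` calls are JTOpen's.

```java
import com.ibm.as400.access.AS400;
import com.ibm.as400.access.AS400SecurityException;
import java.beans.PropertyVetoException;
import java.io.IOException;
import java.util.function.BiPredicate;

/** Added example (hypothetical class): IBM i credential check via JTOpen. */
public class IbmiCredentialCheck {

    public enum Result { OK, REJECTED, EXPIRED, DISABLED, UNAVAILABLE }

    private final String host; // assumption: host name supplied by app configuration

    public IbmiCredentialCheck(String host) { this.host = host; }

    /** Try the application's normal check first, then fall back to IBM i. */
    public Result authenticate(String user, String password,
                               BiPredicate<String, String> primary) {
        if (primary.test(user, password)) return Result.OK;
        return validate(user, password);
    }

    public Result validate(String user, String password) {
        // Profile names are at most 10 characters; skip the host call for junk input.
        if (user == null || password == null || user.isEmpty()
                || user.length() > 10 || password.isEmpty()) {
            return Result.REJECTED;
        }
        // Plain AS400 shown; JTOpen's SecureAS400 is the TLS variant.
        AS400 system = new AS400(host);
        try {
            system.setGuiAvailable(false); // no sign-on dialog on a server
            return system.validateSignon(user, password) ? Result.OK : Result.REJECTED;
        } catch (AS400SecurityException e) {
            // Wrong passwords count toward the profile's invalid sign-on limit.
            int rc = e.getReturnCode();
            if (rc == AS400SecurityException.PASSWORD_EXPIRED) return Result.EXPIRED;
            if (rc == AS400SecurityException.USERID_DISABLE) return Result.DISABLED;
            return Result.REJECTED; // wrong password or unknown user: same answer
        } catch (IOException | PropertyVetoException e) {
            return Result.UNAVAILABLE; // host unreachable: fail closed
        } finally {
            system.disconnectAllServices();
        }
    }
}
```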





