× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I don't know about 3rd party emulators, but I assume their vendors could
add bypass sign on support if the wanted assuming they don't already
have it.

As far as not allowing bypass sign on, why not?  By-pass sign on passes
the user ID & sign on encrypted, whereas the 5250 sign on screen passes
it unencrypted.  Unless you are using SSL tn5250, by pass sign on is
more secure.

As far as your external customers, it would seem to me that you could
make use of SSO.  After all, SSO uses Kerberos and active director isn't
the only Kerberos server out there.  I'm no expert, but I'd be willing
to bet a six pack that you could get SSO to work for your external
users.

I don't see much of a solution with you 3rd party apps except to ask the
vendor to support the iSeries user profiles directly instead of a custom
authentication. 

Charles Wilt
--
iSeries Systems Administrator / Developer
Mitsubishi Electric Automotive America
ph: 513-573-4343
fax: 513-398-1121
  

> -----Original Message-----
> From: midrange-l-bounces@xxxxxxxxxxxx 
> [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Chris Bipes
> Sent: Tuesday, February 28, 2006 7:00 PM
> To: Midrange Systems Technical Discussion
> Subject: RE: Tying in biometric scanning to 5250 sign on
> 
> I stand corrected.  That works for IBM's Emulator but what about other
> 3rd party emulators such as Mochasoft?  Also we do not allow 
> the bypass
> at this time but force a signon screen.  We have internet users using
> tn5250.  They cannot do SSO because they are not under our direct
> control.  (Not part of our active directory.)  What options 
> might I have
> for this to work?  We are looking at SSO but have not gone there yet.
> Too few applications that run on our network support SSO.  Would be
> great for Netserver as well as TN5250, but our HR and other 3rd party
> apps are not SSO, yet.
> 
> 
> Christopher Bipes
> Information Services Director
> CrossCheck, Inc.
> 
> -----Original Message-----
> From: midrange-l-bounces@xxxxxxxxxxxx
> [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Wilt, Charles
> Sent: Tuesday, February 28, 2006 2:55 PM
> To: Midrange Systems Technical Discussion
> Subject: RE: Tying in biometric scanning to 5250 sign on
> 
> You are incorrect.
> 
> As of v5r3 the following support SSO:
> 
> DRDA
> iSeries Access (Navigator & data transfer??)
> LDAP
> NetServer
> PC5250 Emulation
> QFileSvr.400
> HTTP
> 
> 
> Taken from an COMMON presentation by IBM.
> 
> As I recall, for SSO to work in a 5250 session, the session has to be
> configured with "by-pass sign on" which allows authentication without
> the standard 5250 sign-in screen being displayed.
> 
> -- 
> This is the Midrange Systems Technical Discussion 
> (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
> 
> 


As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.