Hi,
I'm trying to configure a new 515, but can't find a clear definiton about
external entitlement, to know if we really need it or not.
An i5/OS user is a person who accesses the i5/OS operating system through
one or more connections. The user exchanges credentials (user
identifications) either directly with the operating system or indirectly
through application or middleware software that is supported by the
operating system.
http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=/rzam8
/rzam8userentitlements.htm
What's exactly operating system? Just 5250, Ops Navigator and similar ways
to reach "commands"? Are applications included?
Suppose I have a website (hosted on i5), as my "visitor" types a string it
gets pages generated by a query - true he's indirectly getting results from
DB2, but I hope he should never reach our operating system - is that a
"visitor" or an "user"?
Since all my "visitors" indirectly exchanges identification on Apache,
they're "users"?
Going further, there are several ways to achieve real protection "exchanging
credentials" on Apache, such as writing an application wich reads and
verifies data ("user" and "password") saved anywhere, IP ranges, validation
lists (again "user" and "password"), user name (again from anywhere), and
finally i5/OS USRPRF (perhaps this one is really a "user"), or maybe a
combination or any of those.
As there are many applications wich run on i5, wich behave such as Apache,
where exactly a "visitor" becames an "user"?
Microsoft defines "user" those defined on Active Directory - such as an
USRPRF - anything else is defined as a "visitor", it's simple and maybe it
don't covers all possibilities, but it's perfectly clear.
Thanks,
Rubens Lehmann
midrange.com
