× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Do not make up user profiles for your external users. The application
server should run under a profile with enough authority to read/update
the data, not delete the objects. Then your application needs to have
an external user logon validated against a validation list object. You
then generate some sort of temporary session id with an inactivity
timeout that identifies the external user. You use some sort of
identifying key field that never goes to the remote user but is used in
the applications.

For example:
1. External user database with unique key for each user. This database
hold who the user is and what access they have. Perhaps user name,
email address, customer number/code, Customer level access, (admin,
user, purchaser, etc.)
2. Validation list: includes logon name/password and unique key for each
user.
3. Active session DB - includes unique session id, session create
timestamp, session last activity timestamp.

When a user logs on, you create the unique session id and write a record
to the active session DB. Whenever the user submits a
form/transaction/inquiry, you check this file and see if the session has
expired, if not, update the last activity timestamp and retrieve the
user ID. You then check the user id against the user file to see get
their real identification, ie. Customer number, and see if they have
authority for the inquiry.

Chris Bipes
Director of Information Services
CrossCheck, Inc.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rubens
Sent: Thursday, August 30, 2007 5:36 AM
To: 'Midrange Systems Technical Discussion'
Subject: RES: i5/OS external entitlement definition

Eric,

I've read those old threads and again found several opinions.

But still no clear documented definitons, all material found at IBM
website,
depending on the reader, can result on sligtly different meanings.

My problem ($$$) is related exactly on that unlimited "external" access,
I
don't think we need it for our Webserver, Microsoft says we don't need
it,
IBM included it on our proposal but can't give a detailed explanation on
why.

I5/OS costs for unlimited "external" access is about the same of a
complete
Wintel Server, if we get a Wintel server for web serving, there's no
reason
to get a new 515 for other applications, as our old box can manage most
of
them.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.