1.  Home
  2. MIDRANGE-L
  3. June 2025

Re: OAuth2 authentication with hosted web service

Jon I think an RPG programmer is the least suitable technical person in the
universe to handle security. Every request that comes into IWS has to go
through a firewall (Network, proxy, Waf or NGFW but a firewall), any other
shortcut is just trouble.

My opinion, of course.
--
Marco Facchinetti

Mr S.r.l.

Tel. 035 962885
Cel. 393 9620498

Skype: facchinettimarco


Il giorno mar 10 giu 2025 alle ore 23:06 Jon Paris <jon.paris@xxxxxxxxxxxxxx>
ha scritto:

It's a great pity that it has to be in Java. Since IWS' role in life is
to surface RPG code with Java hidden in the background, it makes no sense
to me to have to write this exit code in Java. Why not allow RPG code to be
called?


Jon Paris
Jon.Paris@xxxxxxxxxxxxxx



On Jun 10, 2025, at 8:29 PM, Nadir K Amra <amra@xxxxxxxxxx> wrote:

In the IWS server, you have the option to insert a trust authentication
interceptor (TAI). It a piece of user-defined Java code that gets called
for protected web services. In this code you have access to the HTTP
request data, and you can do anything you want.

See https://www.ibm.com/support/pages/node/6396908

-----------------------------------------------
Nadir Amra
e-mail: amra@xxxxxxxxxx


From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> on behalf of
Darren Strong <darren@xxxxxxxxx>
Date: Tuesday, June 10, 2025 at 2:09 PM
To: midrange-l General Questions (midrange-l@xxxxxxxxxxxxxxxxxx) <
midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: [EXTERNAL] OAuth2 authentication with hosted web service
We've been asked to setup a webservice for a vendor to call and get some
data from our IBM I server. Setting up the webservice to do this was
fairly straightforward, but we'd like to use more than the "Basic"
authentication available (username/password) with the integrated web server
wizard (IWS). Do you have any experience or links explaining if and how
IBM i can support this?


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription
related questions.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.