× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Kelly,

The definition of "web services" that you found at www.w3.org is what I was
schooled in. Of course, definitions evolve over time; REST is now viewed as
an alternative to WSDLs and SOAP. I think people typically view "web
services" as program-to-program and platform-to-platform communications
where JSON and/or XML documents are exchanged.

Regarding the HTTP configuration sample which Scott Klement shared,
concerning "basic HTTP authentication"; that may be a useful utility for
very basic requirements, but it is inadequate as the number and type of
users, and scope of your applications increase.

Under basic HTTP authentication, you're essentially granting authority to
HTTP resources, which are filtered by URLs, to a directory full of users.
In ERP class systems, authorities granted to users and user groups need
more granularity.

In our web portal, we grant authorities to "work areas", which grants
authorities to IBM i library lists, IFS directories, and top-level menus.
>From there, authorities may be granted to sub-menus, menu items, data, and
"options" exposed by applications.

Most organizations wouldn't want to assign such granular authorities to
"user directories" or user repositories; whether that be LDAP, IBM i user
profiles, or IBM i authorization lists. Such granular authorities are
rather assigned to individual users and user groups. Authorities granted to
teachers, students, health care providers, counselors, lunch workers,
school principals, would all be different.

You wouldn't want to reconfigure HTTP server instances, and restart HTTP
servers, as additions and changes to user and group authorities are granted.

Moreover, users may need the ability to reset lost or forgotten
credentials. The system may need to handle rules such as session
expiration, password expiration, disabled user profiles, which may not be
handled by basic HTTP authentication.

Since login prompts are the entry points to broadly scoped applications,
site administrators may wish to post event notifications, such as planned
downtime, on the login screen.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.