Not sure what you mean by "....for a webpage that needs to be populated"
The authority on a file in the IFS has no relevance to what the user sitting in front of his browser can do, it merely reflects what the HTTP server can (or cannot) deliver to the browser. When the user fills in fields on a web page they are not updating anything in the IFS. That data is just posted back to the server in post data or in a query string and then something needs to do something with the data.
In the descriptions below the "user" is the user under which the HTTP server runs (nothing to do with the user sitting at his browser). In order for an HTTP server to be able to deliver a page to the browser it simply needs *R authority. *X is relevant to execution, but your page pages are not executable objects. If for some reason the HTTP server needed to be able to update a file on the IFS, it would need *W (probably *RW).
*R
The users are given *R authority to view the contents
of an object. *R authority provides object
operational authority and data read authority.
*W
The users are given *W authority to change the
contents of an object. *W authority provides object
operational authority and data add, update, and delete
authorities.
*X
The users are given *X authority to run a program or
search a library or directory. *X authority provides
object operational authority and data execute
authority.
[
https://www.netcracker.com/assets/img/netcracker-social-final.png] ƕ
-----Original Message-----
From: WEB400 [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Booth Martin
Sent: 12 December 2016 16:24
To: Web Enabling the IBM i (AS/400 and iSeries) <web400@xxxxxxxxxxxx>
Subject: Re: [WEB400] Creating an IFS file and its security.
Partial response:
*R = read was my early assumption but F1 on WRKLNK suggests otherwise?
Unless "object attributes" means data? My reading of this panel leads me to believe I want *X authority for a webpage that needs to be populated. Although "*X Allows the use of the object" is ambiguous when defining read/update/add/delete, it seems to me to be the only choice that explicitly includes seeing data?
*R
Allows access to the object attributes.
*W
Allows the object to be changed.
*X
Allows the use of the object.
On 12/12/2016 2:43 AM, Scott Klement wrote:
...
3. I am confused as to the use for *R authority. When/where would I
have an occasion to use *R authority?
This is a weird question. *R means "readable". Are you saying that
it's unusual for your users to need to be able to read data from a file?!
--
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing list To post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/web400.
________________________________
The information transmitted herein is intended only for the person or entity to which it is addressed and may contain confidential, proprietary and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
midrange.com
