So your app/framework stands in for the OS for
authentication/authorization?


I view the app/framework as a supplement to OS authentication/authorization
- not a replacement. I hope that makes sense. Green-screen applications
often supplement with rules which are outside the scope of IBM i object
authorities (i.e. which users can run a menu item, User A may see employee
SSN - not User B).

The first problem being another set of credentials for every user.


Web App/frameworks often include a variety of options for authenticating
users:

1. Against a database of users.
2. Against IBM i user profiles and authentication rules (including disabled
profiles, expired passwords, etc.).
3. Against LDAP directories.
4. Against oAuth realms.

My company provides multi-tenant hosting for K-12 schools and school
districts. My user profile is authenticated against my IBM i user profile.
However, we don't set up IBM i user profiles for students and parents (for
example), because they have no need for services such as ACS, telnet, ssh,
ftp, etc. They're only using browser user interfaces. We set up a user
profile for them in an IBM i table, and authenticate against that.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.