On Aug 21, 2018, at 11:53 AM, Steve Richter <stephenrichter@xxxxxxxxx> wrote:
not sure how users should login to a PHP web page and access the IBM i
database. Are there good solutions?
Initially I was using basic authentication. The browser would prompt for
user name and password. The PHP code would then store the user name and
pass in $_SERVER variables. PHP_AUTH_USER and PHP_AUTH_PW.
This worked. But the process is a bit confusing. But more so, what to do
when adding a web user who does not have an IBM i user profile?
So I changed to using validation lists. Which are easier to work with in a
SPA type web page. And the login prompt is a bootstrap modal that looks
The problem with validation list is how to run code on the server under the
IBM i user profile of the web user? I know about the QSYGETPH and QWTSETP
APIs which allows a job to change its user profile. But you need the
password of the user to do this. Where to securely store the password? Or
give QTMHHTTP authority to switch to a user profile without the password.
Which means any code running in PHP can switch to another user profile?
Is there guidance from IBM on how to limit access to tables and programs to
specific user profiles when running PHP web code?
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.