Kelly Cookson wrote:
> What would be best practices for dealing with using JTOpen when there
> is no human end user to provide a user id and password? Do we
> necessarily have to create a standard user id and password on the
> iSeries for these programs? If so, how should we handle security for
> the standard user id and password?

You're pretty much stuck with creating a userid on the iSeries that your
application authenticates with and storing that userid & it's password
in some form of property file or database field.

I would suggest you give this user id the absolute minimum authority
possible so it can't be used for anything it isn't supposed to do.

Another idea (that just popped into my head) ... if security is truly
that critical for this database, is to create some kind of authority
broker ... where you still have a single user id ... but the password is
changed for every request.  So your application contacts the authority
broker program, performs some sufficiently complex negotiation to ensure
that the request is legit, and then the broker changes the user id's
password and then gives that password to the client application.  The
client then connects with the userid.  The client app could then
indicate to the broker program that it's connected, at which point the
broker program would change the password to something random.

I'm not sure 'authority broker' is the correct term / pattern.

david



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.