|
midrange-l-request@xxxxxxxxxxxx wrote: > 2. RE: Tying in biometric scanning to 5250 sign on (Chris Bipes) > >Still does not apply to 5250 sign on. Web face your 5250 using HATS or >the like and have the token store the web signon? Get rid of 5250. >That is my goal but it WOULD be nice to have the bio tokens handle the >5250 signon. I am in the same boat, trying to plug the holes and 5250 >appears to be a huge one, here at least. > >5250 is not SSO compliant. Chris: 5250 can be run in a compliant way. 5250 itself need not be compliant; only the usage needs to be compliant for SSO. For example, if your interactive subsystem(s) throw up a signon panel that has no input fields but only text saying that entry without prior verification is forbidden, the Kerberos/SSO solution becomes more easily enforced. Or TN5250e with encrypted password perhaps. Or however you choose to configure things. (You could have a secondary interactive subsystem that could be used when needed and that allowed terminal signon panels.) In short, _you_ choose whether or not a given technique is used. SSO can work fine with 5250. Tom Liotta
This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
