On 09/11/2009, at 7:27 AM, Kelly Cookson wrote:
Thanks for the clarifications. I will look into Basic Authentication
using Zend Core for i5 when I have a chance.
Be aware that Basic Authentication does not encrypt the UID/PWD it
merely encodes it. Anyone who can intercept an encoded data stream can
recover the UID/PWD.
You might want to investigate client authentication via Validation
Lists which at least won't compromise OS/400 *USRPRF objects--as long
as you use different "web" UID/PWD values.
Note that using https: connectivity will protect encoded basic
authentication so that may be something else to consider.
Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software OS/400, i5/OS Technical Specialists
http://www.flybynight.com.au/
Phone: +61 2 6657 8251 Mobile: +61 0411 091 400 /"\
Fax: +61 2 6657 8251 \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
