On 09/11/2009, at 7:27 AM, Kelly Cookson wrote:

Thanks for the clarifications. I will look into Basic Authentication
using Zend Core for i5 when I have a chance.

Be aware that Basic Authentication does not encrypt the UID/PWD it merely encodes it. Anyone who can intercept an encoded data stream can recover the UID/PWD.

You might want to investigate client authentication via Validation Lists which at least won't compromise OS/400 *USRPRF objects--as long as you use different "web" UID/PWD values.

Note that using https: connectivity will protect encoded basic authentication so that may be something else to consider.

Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software OS/400, i5/OS Technical Specialists

http://www.flybynight.com.au/
Phone: +61 2 6657 8251 Mobile: +61 0411 091 400 /"\
Fax: +61 2 6657 8251 \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.