So do you have active directory set up for your network? Then use a framework that can use LDAP for authentication. Now you don't have a new set of credentials. Just access the database using a service profile.
Mark Murphy
Atlas Data Systems
mmurphy@xxxxxxxxxxxxxxx
-----Justin Taylor <JUSTIN@xxxxxxxxxxxxx> wrote: -----
To: "Web Enabling the IBM i (AS/400 and iSeries)" <web400@xxxxxxxxxxxx>
From: Justin Taylor <JUSTIN@xxxxxxxxxxxxx>
Date: 12/23/2016 01:04PM
Subject: Re: [WEB400] In-house authentication & authorization
So your app/framework stands in for the OS for authentication/authorization? I can understand that for public sites, but it doesn't like a good idea for in-house. The first problem being another set of credentials for every user.
-----Original Message-----
From: Nathan Andelin [mailto:nandelin@xxxxxxxxx]
Sent: Thursday, December 22, 2016 2:33 PM
To: Web Enabling the IBM i (AS/400 and iSeries) <web400@xxxxxxxxxxxx>
Subject: Re: [WEB400] In-house authentication & authorization
I know Apache can handle authentication for static pages & CGI, but
what about other things like PHP, Node, Java, etc?
You'd need an application and a framework for handling:
1. Authentication.
2. Authorization.
3. Access (i.e. only show menus and menu items which users are authorized to).
4. Opening multiple apps & toggling between them.
5. Setting Favorites.
6. Defining user/group authorities to resources.
7. An API to check user authorities to resources.
This is the type of infrastructure needed to build products with ERP-type scope.
As an Amazon Associate we earn from qualifying purchases.