I have a question for CGIDEV2 developers who have developed (or
thought about) applications with a form of user validation and page
security, but do create a user profile for each unique user.
That is to say, they do not want to use AS400(or NT/UNIX)
userID/password (with or without authorization lists) because there
are potentially too many users or have other business reason(s) not to
do this.
My question is: what strategy of validation/page security are you
using? What are advantages/disadvantages of your method and is it
suitable for the WWW as well as a controlled intranet.
** Examples:
Validate against a PF list of user/passwords and pass a "user" token
variable from page to page, validate against IP address or other
environment variable, use the same password for everybody, create and
store a temporary cookie on the client which is verified on each page,
use CGIDEV2 persistence...
Also is "too many users" a good excuse for not using as/400 user
profiles/auth lists to validate users?
marty
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/Easy400Group/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
