Re: [Easy400Group] Re: user validation and page security, but do not want to create user profiles

[Mel Rothman]

Once a user logs on via a validation list entry, you can retrieve the ID that was used from the REMOTE_USER environment variable. There is no need to build page-by-page validation. Mel Rothman Mel Rothman, Inc. itpweb1 wrote: Henrik's work looks very interesting. I have seen similar techniques at e-commerce sites, but couldn't figure out what was happening in the URL. Validation lists may be easier to implement. I had overlooked this feature assuming that they were a sub-species of Authorization lists. However,with Validation lists, can I pick up User ID as an environmental variable when required like in auth. lists?  Do I have to build in page-by-page validation? marty --- In Easy400Group@yahoogroups.com, Tom Jedrzejewicz <[EMAIL PROTECTED]> wrote: > > On 1/5/06, itpweb1 <[EMAIL PROTECTED]> wrote: > > I have a question for CGIDEV2 developers who have developed (or > > thought about) applications with a form of user validation and page > > security, but do create a user profile for each unique user. > > > > That is to say, they do not want to use AS400(or NT/UNIX) > > userID/password (with or without authorization lists) because there > > are potentially too many users or have other business reason(s) not to > > do this. > > > > My question is: what strategy of validation/page security are you > > using? What are advantages/disadvantages of your method and is it > > suitable for the WWW as well as a controlled intranet. > > There is a discussion and tutorial of this very topic on the Easy400 > site (http://www-922.ibm.com/en) - see Deliverables then "Web Security > Made Easy". > Validation lists along with existing Apache capabilities might just > fill the bill. > > > Also is "too many users" a good excuse for not using as/400 user > > profiles/auth lists to validate users? > > A better excuse is to eliminate the possibility that the user can > access anything but the web site.  If you create user profiles you > have to worry about securing everything else on the system. > > Good luck > > -- > Tom Jedrzejewicz > [EMAIL PROTECTED] SPONSORED LINKS How to format a computer hard drive Cobol programmer Iseries 400 How to format a computer How to format your computer How to format computer YAHOO! GROUPS LINKS  Visit your group "Easy400Group" on the web.    To unsubscribe from this group, send an email to:  [EMAIL PROTECTED]    Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.