Re: [Tn5250j-general] Passing User ID and Password in Applet
Hello Pete,
I think you are completely right in
your interpretation. The SSL or VPN tunnel would encrypt all communcation
between the PC and the (web and AS400) server. If the user would popup
the HTML source he would indeed see (his own?) userid and password.
The auto disconnect feature as you describe
it would indeed do an signoff endcnn(*yes) as final command. For the Java
part you would have to popup an applet or frame or whatever to create a
session, launch it, add a session listener to it that closes on disconnection.
I'll look into providing an example.
Wim.
Pete Helgren <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
16/06/2005 18:35
Please respond to
tn5250j-general@lists.sourceforge.net
To
tn5250j-general@lists.sourceforge.net
cc
Subject
Re: [Tn5250j-general] Passing
User ID and Password in Applet
Thanks to all. You gave me much to think about
Wim, I don't know much about SSL or how it is initiated but I thought that
if you used SSL the stream was fully encrypted. That is, if you are
using SSL then the traffic that is passing over port 992 is encrypted,
even the signon screen. Is that the case? Also, our HTML based
menuing system can run in an HTTPS environment so executing the applet
under HTTPS would encrypt the page I think, though if the user viewed the
page source they would see the password in plain text, right? The
encryption is just used between the browser and the server. The HTML
as rendered by the browser is still in plain text. It *could* allow a user
to view the source on another user's browser and see the password (at least
I think this is possible).
I think I understand the applet ending routine that you currently have
but since I don't work that closely with the internals of 5250 some of
what you and Kenneth are saying is going over my head. And I am still
a relative rookie with Java so I need a bit more info and, if you can,
a small snippet of code that demonstrates what you are talking about. For
example, when you say "wrap the command" and then use a signoff
with a disconnect, are you saying that I could just have a CL program that
has a call to whatever program we want to run (in fact, we already have
this) and then at the end of the command use SIGNOFF ENDCNN(*YES)? I
think you also are saying that we need to add a sessionlistener to the
applet code and then use that to trigger the navigation when the session
is disconnected. I am not familiar with using a sessionlistener but
with an example I think I can figure it out (code examples are always helpful).
It sounds like that is the way to go. Adding a SIGNOFF ENDCNN(*YES)
should be easy enough but I need a little help with the sessionlistener
logic.
Thanks! Now I just need to deal with the password issue and I think I have
it.
Pete
BTW Kenneth, Gaurav posted his code to the list on July 2nd, 2003. If
you can't find it in the archives, I can send it to you.
[EMAIL PROTECTED]
wrote:
Hello Pete,
I'm not quite sure why everybody make a problem about the clear passwords.
When you would send them encrypted, the emulator telnets to the AS/400
and what does he do in the first place: send your userid and password to
the as/400. I think that these are in clear text also. The only solution
would be to SSL or VPN your communication to your webserver and AS/400.
Next the autoclosing is fairly easy to implement using the autologin and
scanning we have introduced in the emulator: when logging on you want to
autostart a command. Lets call this the application command. What you can
do is wrap this app command in you own shell command. e.g. start cmd('appcmd').
The start can do a few thing like setting liblists etc. But it's main purpose
is to properly shutdown the emulator. You can do this in 2 ways: to a signof
with disconnect. At the emulator side, you can attach a sessionlistener
and have you applet navigate away from you page as the session gets disconnected.
Or the start command can also trigger a scan code to the emulator: #! END
so the applet can listen to this and perform an end of session. This way
you can do a lot more than just ending.
Hope this helps,
Wim.
Pete Helgren <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
15/06/2005 21:06
Please respond to
tn5250j-general@lists.sourceforge.net
To
TN5250J List
cc
Subject
[Tn5250j-general] Passing
User ID and Password in Applet
I had posted some of this about two years ago when I first started
working with the 5250 applet. The problems that I had (and still
have)
have to do with the passing of UserID and password in the clear when I
start an applet session. Gaurav posted some code that has a servlet
that talks to the applet and passes the password back to it. I think
I
can follow the approach but wanted to know if anyone else had solved
this problem in a different way.
We have an HTML based menuing system that r
Re: [Tn5250j-general] Passing User ID and Password in Applet
Pete
Pete Helgren wrote:
Thanks to all. You gave me much to think about
Wim, I don't know much about SSL or how it is initiated but I thought
that if you used SSL the stream was fully encrypted. That is, if you
are using SSL then the traffic that is passing over port 992 is
encrypted, even the signon screen. Is that the case? Also, our HTML
based menuing system can run in an HTTPS environment so executing the
applet under HTTPS would encrypt the page I think, though if the user
viewed the page source they would see the password in plain text,
right? The encryption is just used between the browser and the
server. The HTML as rendered by the browser is still in plain text. It
*could* allow a user to view the source on another user's browser and
see the password (at least I think this is possible).
You are correct here. Although a way around that would be as per my
previous message with the samples I am putting together. It is not
100% secure but normal users would not be able to figure out the
streams that are passed back and forth. Anybody with a protocol
sniffer would but that will not be in your environment I would think.
I think I understand the applet ending routine that you currently have
but since I don't work that closely with the internals of 5250 some of
what you and Kenneth are saying is going over my head.
No problems Pete with the example you will see what we are talking
about. Actually it is not the internals of 5250 at all really but how
we manipulate it. Just to regress a little. I always thought it was
5250 as well so wanted to know the magic behind it all thus the
emulator. What you really get is how the 5250 emulator/client, not the
datastreams at all, manipulates the 5250 information. The 5250
information is all in the objects of tn5250j we just need to react to
certain events.
And I am
still
a relative rookie with Java so I need a bit more info and, if you can,
a small snippet of code that demonstrates what you are talking about.
For example, when you say "wrap the command" and then use a signoff
with a disconnect, are you saying that I could just have a CL program
that has a call to whatever program we want to run (in fact, we already
have this) and then at the end of the command use SIGNOFF
ENDCNN(*YES)? I think you also are saying that we need to add a
sessionlistener to the applet code and then use that to trigger the
navigation when the session is disconnected. I am not familiar with
using a sessionlistener but with an example I think I can figure it out
(code examples are always helpful).
It sounds like that is the way to go. Adding a SIGNOFF ENDCNN(*YES)
should be easy enough but I need a little help with the sessionlistener
logic.
You could do it that way as well. I will put an example program out
there for that as well. It really just depends on how much control you
want. With the signoff end connection you really do not know if the
application ended or there was a problem but using both the session
listener and the scanlistener you can control just about anything.
Thanks! Now I just need to deal with the password issue and I think I
have it.
I agree but I think we have that covered as well.
Pete
BTW Kenneth, Gaurav posted his code to the list on July 2nd, 2003. If
you can't find it in the archives, I can send it to you.
Thanks but I went ahead and coded it myself. The concept was easy
enough but never had a need for it before.
We will have you up and running in no time. Something to play with
over the weekend :-P
Regards
Kenneth
[EMAIL PROTECTED] wrote:
Hello Pete,
I'm not quite sure why everybody
make
a problem about the clear passwords. When you would send them
encrypted,
the emulator telnets to the AS/400 and what does he do in the first
place:
send your userid and password to the as/400. I think that these are in
clear text also. The only solution would be to SSL or VPN your
communication
to your webserver and AS/400.
Next the autoclosing is fairly
easy
to implement using the autologin and scanning we have introduced in the
emulator: when logging on you want to autostart a command. Lets call
this
the application command. What you can do is wrap this app command in
you
own shell command. e.g. start cmd('appcmd'). The start can do a few
thing
like setting liblists etc. But it's main purpose is to properly
shutdown
the emulator. You can do this in 2 ways: to a signof with disconnect.
At
the emulator side, you can attach a sessionlistener and have you applet
navigate away from you page as the session gets disconnected. Or the
start
command can also trigger a scan code to the emulator: #! END so the
applet
can listen to this and perform an end of session. This way you can do a
lot more than just ending.
Hope this helps,
Wim.
Pete
Helgren <[EMAIL PROTECTED]>
Sent by:
[EMAIL PROTECTED]
15/
Re: [Tn5250j-general] Passing User ID and Password in Applet
Thanks to all. You gave me much to think about
Wim, I don't know much about SSL or how it is initiated but I thought
that if you used SSL the stream was fully encrypted. That is, if you
are using SSL then the traffic that is passing over port 992 is
encrypted, even the signon screen. Is that the case? Also, our HTML
based menuing system can run in an HTTPS environment so executing the
applet under HTTPS would encrypt the page I think, though if the user
viewed the page source they would see the password in plain text,
right? The encryption is just used between the browser and the
server. The HTML as rendered by the browser is still in plain text. It
*could* allow a user to view the source on another user's browser and
see the password (at least I think this is possible).
I think I understand the applet ending routine that you currently have
but since I don't work that closely with the internals of 5250 some of
what you and Kenneth are saying is going over my head. And I am still
a relative rookie with Java so I need a bit more info and, if you can,
a small snippet of code that demonstrates what you are talking about.
For example, when you say "wrap the command" and then use a signoff
with a disconnect, are you saying that I could just have a CL program
that has a call to whatever program we want to run (in fact, we already
have this) and then at the end of the command use SIGNOFF
ENDCNN(*YES)? I think you also are saying that we need to add a
sessionlistener to the applet code and then use that to trigger the
navigation when the session is disconnected. I am not familiar with
using a sessionlistener but with an example I think I can figure it out
(code examples are always helpful).
It sounds like that is the way to go. Adding a SIGNOFF ENDCNN(*YES)
should be easy enough but I need a little help with the sessionlistener
logic.
Thanks! Now I just need to deal with the password issue and I think I
have it.
Pete
BTW Kenneth, Gaurav posted his code to the list on July 2nd, 2003. If
you can't find it in the archives, I can send it to you.
[EMAIL PROTECTED] wrote:
Hello Pete,
I'm not quite sure why everybody
make
a problem about the clear passwords. When you would send them
encrypted,
the emulator telnets to the AS/400 and what does he do in the first
place:
send your userid and password to the as/400. I think that these are in
clear text also. The only solution would be to SSL or VPN your
communication
to your webserver and AS/400.
Next the autoclosing is fairly easy
to implement using the autologin and scanning we have introduced in the
emulator: when logging on you want to autostart a command. Lets call
this
the application command. What you can do is wrap this app command in
you
own shell command. e.g. start cmd('appcmd'). The start can do a few
thing
like setting liblists etc. But it's main purpose is to properly
shutdown
the emulator. You can do this in 2 ways: to a signof with disconnect.
At
the emulator side, you can attach a sessionlistener and have you applet
navigate away from you page as the session gets disconnected. Or the
start
command can also trigger a scan code to the emulator: #! END so the
applet
can listen to this and perform an end of session. This way you can do a
lot more than just ending.
Hope this helps,
Wim.
Pete
Helgren <[EMAIL PROTECTED]>
Sent by:
[EMAIL PROTECTED]
15/06/2005 21:06
Please
respond to
tn5250j-general@lists.sourceforge.net
To
TN5250J
List
cc
Subject
[Tn5250j-general]
Passing
User ID and Password in Applet
I had posted some of this about two years ago when
I first started
working with the 5250 applet. The problems that I had (and still
have)
have to do with the passing of UserID and password in the clear when I
start an applet session. Gaurav posted some code that has a servlet
that talks to the applet and passes the password back to it. I think
I
can follow the approach but wanted to know if anyone else had solved
this problem in a different way.
We have an HTML based menuing system that runs on the iSeries (under an
Apache web server). The user logs in via an HTML login prompt and
then
the menu(s) are generated from there. Some of the menu items are
HTML
based but some are 5250
Re: [Tn5250j-general] Passing User ID and Password in Applet
Hello all
First cover samples and then the questions afterwards.
I have basically taken the day off to write some sample programs. Am thinking
of creating a samples directory and delivering them on the SF download site.
If anybody has any sample code they have written to do some of the stuff that
comes up on the list. Please share this if you would like and I will package in
the samples as well.
Yes they are in clear text. There is a specification for encrypting the
password during this negotiation if anybody is interested in implementing it
within the emulator. Contact me and I will give you a link and the process to
follow for this implementation. It envolves using DES encryption routines.
Any takers and we can kick this clear text password problem in the rear end once
in for all.
Now as for the sample program I wrote I provide a copy of the description from
the program here.
/**
* First this is an example program copied from the delivered My5250App.java
* program written for the tn5250j emulator.
*
* @author Kenneth J. Pouncey
*
* You will find two parts interesting for this example:
* 1) Communicating with a Servlet (PasswordServlet) to obtain user signon
*creditials. These are then loaded into the properties to be
*used for connection.
* 2) The use of a scanning listener. See the information for the
method
* scanned() implemented for the interface ScanListener();
*
*
*/
If need be the communication with the PasswordServlet servlet could be https://
but of course if we were serving from an https server we really would not need
this.
This should take care of the first of the requirements unless I mis-understood
the problem with trasmitting the password in clear text to begin with. I assume
the password problem was being passed as a parameter in the applet html code.
In both the servlet code and example program you could write a very simple
encryption routine to send the password encrypted. There is some sample
encryption code in org.tn5250j.tools called DESSHA1 that I use for the Options
Access password encryption. You could use it in the servlet to encrypt the
password before sending it and then decrypt it when it arrives in the applet.
Also; this implements the scanning listener to do anything you would like when
you receive the command. I also have an example AS/400 program to test with if
you are interested.
If you follow the outline that Wim mentions below you could do just about
anything you want including change the flow of the screens for the user.
Pete I will send the code in a few. If anybody else is interested in this let
me know.
Regards
Kenneth
Quoting [EMAIL PROTECTED]:
> Hello Pete,
>
> I'm not quite sure why everybody make a problem about the clear passwords.
> When you would send them encrypted, the emulator telnets to the AS/400 and
> what does he do in the first place: send your userid and password to the
> as/400. I think that these are in clear text also.
>The only solution would
> be to SSL or VPN your communication to your webserver and AS/400.
>
> Next the autoclosing is fairly easy to implement using the autologin and
> scanning we have introduced in the emulator: when logging on you want to
> autostart a command. Lets call this the application command. What you can
> do is wrap this app command in you own shell command. e.g. start
> cmd('appcmd'). The start can do a few thing like setting liblists etc. But
> it's main purpose is to properly shutdown the emulator. You can do this in
> 2 ways: to a signof with disconnect. At the emulator side, you can attach
> a sessionlistener and have you applet navigate away from you page as the
> session gets disconnected. Or the start command can also trigger a scan
> code to the emulator: #! END so the applet can listen to this and perform
> an end of session. This way you can do a lot more than just ending.
>
> Hope this helps,
> Wim.
>
>
>
>
> Pete Helgren <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 15/06/2005 21:06
> Please respond to
> tn5250j-general@lists.sourceforge.net
>
>
> To
> TN5250J List
> cc
>
> Subject
> [Tn5250j-general] Passing User ID and Password in Applet
>
>
>
>
>
>
> I had posted some of this about two years ago when I first started
> working with the 5250 applet. The problems that I had (and still have)
> have to do with the passing of UserID and password in the clear when I
> start an applet session. Gaurav posted some code that has a servlet
> that talks to the applet and passes the password back to it. I think I
> can follow the approach but wanted to know if anyone else had solved
> this problem in a different way.
>
> We have an HTML based menuing system that runs on the iSeries (under an
> Apache web server). The user logs in via an HTML login prompt and then
> the menu(s) are generated from there. Some of the menu items are HTML
> based but some are 52
Re: [Tn5250j-general] Passing User ID and Password in Applet
Hello Pete,
I'm not quite sure why everybody make
a problem about the clear passwords. When you would send them encrypted,
the emulator telnets to the AS/400 and what does he do in the first place:
send your userid and password to the as/400. I think that these are in
clear text also. The only solution would be to SSL or VPN your communication
to your webserver and AS/400.
Next the autoclosing is fairly easy
to implement using the autologin and scanning we have introduced in the
emulator: when logging on you want to autostart a command. Lets call this
the application command. What you can do is wrap this app command in you
own shell command. e.g. start cmd('appcmd'). The start can do a few thing
like setting liblists etc. But it's main purpose is to properly shutdown
the emulator. You can do this in 2 ways: to a signof with disconnect. At
the emulator side, you can attach a sessionlistener and have you applet
navigate away from you page as the session gets disconnected. Or the start
command can also trigger a scan code to the emulator: #! END so the applet
can listen to this and perform an end of session. This way you can do a
lot more than just ending.
Hope this helps,
Wim.
Pete Helgren <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
15/06/2005 21:06
Please respond to
tn5250j-general@lists.sourceforge.net
To
TN5250J List
cc
Subject
[Tn5250j-general] Passing
User ID and Password in Applet
I had posted some of this about two years ago when
I first started
working with the 5250 applet. The problems that I had (and still
have)
have to do with the passing of UserID and password in the clear when I
start an applet session. Gaurav posted some code that has a servlet
that talks to the applet and passes the password back to it. I think
I
can follow the approach but wanted to know if anyone else had solved
this problem in a different way.
We have an HTML based menuing system that runs on the iSeries (under an
Apache web server). The user logs in via an HTML login prompt and
then
the menu(s) are generated from there. Some of the menu items are
HTML
based but some are 5250 apps and we launch them using tn5250j in an
applet. We generate the HTML that launches the applet on the fly
using
a template but so far we have had to pass the password in the clear, not
a good solution. So, if you have any ideas that we could use to start
the applet without passing the password in the clear, I'd like to hear
about it.
We also have a need to end the application gracefully when the users are
done running the 5250 application. Right now, we display a message
that
says "Click the Exit link to end the program" and the user has
to click
the link to end the session. What I would like to do is have the
applet
close when the 5250 application has ended automatically. I am not
sure
how to accomplish this since the 5250 session would have to "tell"
the
applet to close
I'd appreciate anyone's idea as to how to solve these two issues as
simply as possible.
Thanks,
Pete Helgren
---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
___
Tn5250j-general mailing list
Tn5250j-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tn5250j-general
Re: [Tn5250j-general] Passing User ID and Password in Applet
Hi Pete/Kenneth,
Been a while, but I keep following the
goings-on in this group from time to time.
I had done a POC a couple of years ago
as Pete mentioned. I was successfully able to pass the username/password
to the applet from a servlet. The applet had to be signed for this purpose.
The username/password pair was present in a text file in my local file
system. The password was encrypted using a simple encryption tool.
But the business users still had a problem
putting the password, even though encrypted, in a text file. Some other
team in my project has been working on the project now and they have dropped
the web aspect of it, i.e. the applet-HTML interface. From a web page,
they launch and use the Mocha 8.0 emulator combined with an ActiveX control
to pass the keystrokes to the emulator.
Do lemme know if I can provide you any
more info.
BR/ Gaurav
Kenneth Pouncey <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
06/16/2005 12:07 PM
Please respond to
tn5250j-general@lists.sourceforge.net
To
tn5250j-general@lists.sourceforge.net
cc
Subject
Re: [Tn5250j-general] Passing User ID
and Password in Applet
Pete
Here is the part about the flow control that he uses and is actually quite
cool for the implementation. Had not thought of doing it that way.
It would be a change on the host but very small as the original command
is wrapped and the application process is not changed in anyway.
=
- What we normally do, is to wrap the normal command they want to launch
in a special command of our own. E.g. instead of issuing a WRKUSRJOB USER(user)
we issue a STRCMD CMD('WRKUSRJOB USER(user)'); the only thing our STRCMD
does is launching the command, but when the normal command ends and we
fall back in the program stacking onto our wrapper command, we send the
!# event or just do a signof with disconnect. The emulator at the Java
side knows to close itself then. In GUI mode we can then even issue 5250
as modal dialogs etc without a problem. So we do make it interactive! We
can not however send back information towards the web application directly
as we can keep synchronisations in there. We did once start to cache the
5250 sessions, but that poses more of problem than it brings advantages.
The only thing I still would like is to be able to create a protocol bean,
connect it, start the initial command and only then hook it to a interactive
terminal. This way the user would'n see the login and launch scenario pass
by as they do now.
Here is the link to the full message:
http://www.mail-archive.com/tn5250j-general@lists.sourceforge.net/msg00219.html
This should solve just about everything except the user and password problem
but am thinking of the applet to servlet would take care of this or the
SessionBean and wrapping everything up yourself in your own Applet code.
Regards
Kenneth
Pete Helgren wrote:
I had posted some of this about two years ago when I first
started working with the 5250 applet. The problems that I had (and
still have) have to do with the passing of UserID and password in the clear
when I start an applet session. Gaurav posted some code that has
a servlet that talks to the applet and passes the password back to it.
I think I can follow the approach but wanted to know if anyone else
had solved this problem in a different way.
We have an HTML based menuing system that runs on the iSeries (under an
Apache web server). The user logs in via an HTML login prompt and
then the menu(s) are generated from there. Some of the menu items
are HTML based but some are 5250 apps and we launch them using tn5250j
in an applet. We generate the HTML that launches the applet on the
fly using a template but so far we have had to pass the password in the
clear, not a good solution. So, if you have any ideas that we could
use to start the applet without passing the password in the clear, I'd
like to hear about it.
We also have a need to end the application gracefully when the users are
done running the 5250 application. Right now, we display a message
that says "Click the Exit link to end the program" and the user
has to click the link to end the session. What I would like to do
is have the applet close when the 5250 application has ended automatically.
I am not sure how to accomplish this since the 5250 session would
have to "tell" the applet to close
I'd appreciate anyone's idea as to how to solve these two issues as simply
as possible.
Thanks,
Pete Helgren
---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast.
Re: [Tn5250j-general] Passing User ID and Password in Applet
Wim, Pete and all CORRECTION! Sorry about what was written. It sounded like I did not like Wim's implementation but meant I did not like the implementation of the portal article as the thread mentions and gives reasons why. Sorry. It seems I need to go back and learn how to write in my native language :-) Kenneth Kenneth Pouncey wrote: Hello Pete Pete Helgren wrote: I had posted some of this about two years ago when I first started working with the 5250 applet. The problems that I had (and still have) have to do with the passing of UserID and password in the clear when I start an applet session. Gaurav posted some code that has a servlet that talks to the applet and passes the password back to it. I think I can follow the approach but wanted to know if anyone else had solved this problem in a different way. I do not remember this post for having the applet talk with a servlet. That would take a modification of the applet code correct? What would be the key to pass to the servlet to obtain the information? Actually asking what the flow is for the communication. It actually sounds quite neat and if you have an example could you post it again. We have an HTML based menuing system that runs on the iSeries (under an Apache web server). The user logs in via an HTML login prompt and then the menu(s) are generated from there. Some of the menu items are HTML based but some are 5250 apps and we launch them using tn5250j in an applet. We generate the HTML that launches the applet on the fly using a template but so far we have had to pass the password in the clear, not a good solution. What about doing the signin within the code first using a ProtocolBean or SessionBean? When the applet is served it would already be on the display that would like. Kind of like the Portal conversation that Wim and I were having a couple of days ago. That is bascially what he was doing. Not sure I like the solution he suggests as I think there are more elegant ways to do this within the code base. With the SessionBean you can set this information before doing the connect via the setter methods. Including the program and library to start with. Look in the list archives for the Portal conversation. So, if you have any ideas that we could use to start the applet without passing the password in the clear, I'd like to hear about it. We also have a need to end the application gracefully when the users are done running the 5250 application. Right now, we display a message that says "Click the Exit link to end the program" and the user has to click the link to end the session. What I would like to do is have the applet close when the 5250 application has ended automatically. I am not sure how to accomplish this since the 5250 session would have to "tell" the applet to close I am not to sure how to handle this scenario of closing an applet but what you could do is attach a scan listener to the session object and then trap that code in your listener. Am not clear on the applet closing part though as to what exactly it should do. Within your scanner listener you could then call another servlet to close the session or redirect you to another page. It would actually take a modification to the host application though to do this. Basically it would be a screen that starts with #! in the first position with the command to parse after it. All the code is there to see how it works in scan() method. I think I posted something on this last week and that is how Wim does this within his application. Well actually from what I understand he passes whole processes to the scan listener to run custom objects but the concept is the same. Again unfortunately a modification of the host system to call the new display screen at the end though. That is the only way the applet/emulator would know when it should close down. I'd appreciate anyone's idea as to how to solve these two issues as simply as possible. Thanks, Hopefully the above helps. Am sure Wim could answer some more questions on this as that was what we came up with when he was asking about this. I had some very basic code implementing this idea in the emulator but Wim and his team went way further with it. Actually works like a charm. Regards Kenneth Pete Helgren --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tn5250j-general . --- SF.Net email is sponsored by: Discover Easy
Re: [Tn5250j-general] Passing User ID and Password in Applet
Pete
Here is the part about the flow control that he uses and is actually
quite cool for the implementation. Had not thought of doing it that
way. It would be a change on the host but very small as the original
command is wrapped and the application process is not changed in anyway.
=
- What we normally do, is to wrap the
normal command they want to launch in a special command of our own.
E.g.
instead of issuing a WRKUSRJOB USER(user) we issue a STRCMD
CMD('WRKUSRJOB
USER(user)'); the only thing our STRCMD does is launching the command,
but when the normal command ends and we fall back in the program
stacking
onto our wrapper command, we send the !# event or just do a signof with
disconnect. The emulator at the Java side knows to close itself then.
In
GUI mode we can then even issue 5250 as modal dialogs etc without a
problem.
So we do make it interactive! We can not however send back information
towards the web application directly as we can keep synchronisations in
there. We did once start to cache the 5250 sessions, but that poses
more
of problem than it brings advantages. The only thing I still would like
is to be able to create a protocol bean, connect it, start the initial
command and only then hook it to a interactive terminal. This way the
user
would'n see the login and launch scenario pass by as they do now.
Here is the link to the full message:
http://www.mail-archive.com/tn5250j-general@lists.sourceforge.net/msg00219.html
This should solve just about everything except the user and password
problem but am thinking of the applet to servlet would take care of
this or the SessionBean and wrapping everything up yourself in your own
Applet code.
Regards
Kenneth
Pete Helgren wrote:
I had
posted some of this about two years ago when I first started working
with the 5250 applet. The problems that I had (and still have) have to
do with the passing of UserID and password in the clear when I start an
applet session. Gaurav posted some code that has a servlet that talks
to the applet and passes the password back to it. I think I can follow
the approach but wanted to know if anyone else had solved this problem
in a different way.
We have an HTML based menuing system that runs on the iSeries (under an
Apache web server). The user logs in via an HTML login prompt and then
the menu(s) are generated from there. Some of the menu items are HTML
based but some are 5250 apps and we launch them using tn5250j in an
applet. We generate the HTML that launches the applet on the fly using
a template but so far we have had to pass the password in the clear,
not a good solution. So, if you have any ideas that we could use to
start the applet without passing the password in the clear, I'd like to
hear about it.
We also have a need to end the application gracefully when the users
are done running the 5250 application. Right now, we display a message
that says "Click the Exit link to end the program" and the user has to
click the link to end the session. What I would like to do is have the
applet close when the 5250 application has ended automatically. I am
not sure how to accomplish this since the 5250 session would have to
"tell" the applet to close
I'd appreciate anyone's idea as to how to solve these two issues as
simply as possible.
Thanks,
Pete Helgren
---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast.
http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
___
Tn5250j-general mailing list
Tn5250j-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tn5250j-general
.
Re: [Tn5250j-general] Passing User ID and Password in Applet
and link to the archives. Scroll down to tn5250j portal thread. http://www.mail-archive.com/tn5250j-general@lists.sourceforge.net/ Pete Helgren wrote: I had posted some of this about two years ago when I first started working with the 5250 applet. The problems that I had (and still have) have to do with the passing of UserID and password in the clear when I start an applet session. Gaurav posted some code that has a servlet that talks to the applet and passes the password back to it. I think I can follow the approach but wanted to know if anyone else had solved this problem in a different way. We have an HTML based menuing system that runs on the iSeries (under an Apache web server). The user logs in via an HTML login prompt and then the menu(s) are generated from there. Some of the menu items are HTML based but some are 5250 apps and we launch them using tn5250j in an applet. We generate the HTML that launches the applet on the fly using a template but so far we have had to pass the password in the clear, not a good solution. So, if you have any ideas that we could use to start the applet without passing the password in the clear, I'd like to hear about it. We also have a need to end the application gracefully when the users are done running the 5250 application. Right now, we display a message that says "Click the Exit link to end the program" and the user has to click the link to end the session. What I would like to do is have the applet close when the 5250 application has ended automatically. I am not sure how to accomplish this since the 5250 session would have to "tell" the applet to close I'd appreciate anyone's idea as to how to solve these two issues as simply as possible. Thanks, Pete Helgren --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tn5250j-general . --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tn5250j-general
Re: [Tn5250j-general] Passing User ID and Password in Applet
Here is a link again to the article: http://www.itjungle.com/fhg/fhg042005-story01.html Like I said do not like the solution but the implementation is great. Pete Helgren wrote: I had posted some of this about two years ago when I first started working with the 5250 applet. The problems that I had (and still have) have to do with the passing of UserID and password in the clear when I start an applet session. Gaurav posted some code that has a servlet that talks to the applet and passes the password back to it. I think I can follow the approach but wanted to know if anyone else had solved this problem in a different way. We have an HTML based menuing system that runs on the iSeries (under an Apache web server). The user logs in via an HTML login prompt and then the menu(s) are generated from there. Some of the menu items are HTML based but some are 5250 apps and we launch them using tn5250j in an applet. We generate the HTML that launches the applet on the fly using a template but so far we have had to pass the password in the clear, not a good solution. So, if you have any ideas that we could use to start the applet without passing the password in the clear, I'd like to hear about it. We also have a need to end the application gracefully when the users are done running the 5250 application. Right now, we display a message that says "Click the Exit link to end the program" and the user has to click the link to end the session. What I would like to do is have the applet close when the 5250 application has ended automatically. I am not sure how to accomplish this since the 5250 session would have to "tell" the applet to close I'd appreciate anyone's idea as to how to solve these two issues as simply as possible. Thanks, Pete Helgren --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tn5250j-general . --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tn5250j-general
Re: [Tn5250j-general] Passing User ID and Password in Applet
Hello Pete Pete Helgren wrote: I had posted some of this about two years ago when I first started working with the 5250 applet. The problems that I had (and still have) have to do with the passing of UserID and password in the clear when I start an applet session. Gaurav posted some code that has a servlet that talks to the applet and passes the password back to it. I think I can follow the approach but wanted to know if anyone else had solved this problem in a different way. I do not remember this post for having the applet talk with a servlet. That would take a modification of the applet code correct? What would be the key to pass to the servlet to obtain the information? Actually asking what the flow is for the communication. It actually sounds quite neat and if you have an example could you post it again. We have an HTML based menuing system that runs on the iSeries (under an Apache web server). The user logs in via an HTML login prompt and then the menu(s) are generated from there. Some of the menu items are HTML based but some are 5250 apps and we launch them using tn5250j in an applet. We generate the HTML that launches the applet on the fly using a template but so far we have had to pass the password in the clear, not a good solution. What about doing the signin within the code first using a ProtocolBean or SessionBean? When the applet is served it would already be on the display that would like. Kind of like the Portal conversation that Wim and I were having a couple of days ago. That is bascially what he was doing. Not sure I like the solution he suggests as I think there are more elegant ways to do this within the code base. With the SessionBean you can set this information before doing the connect via the setter methods. Including the program and library to start with. Look in the list archives for the Portal conversation. So, if you have any ideas that we could use to start the applet without passing the password in the clear, I'd like to hear about it. We also have a need to end the application gracefully when the users are done running the 5250 application. Right now, we display a message that says "Click the Exit link to end the program" and the user has to click the link to end the session. What I would like to do is have the applet close when the 5250 application has ended automatically. I am not sure how to accomplish this since the 5250 session would have to "tell" the applet to close I am not to sure how to handle this scenario of closing an applet but what you could do is attach a scan listener to the session object and then trap that code in your listener. Am not clear on the applet closing part though as to what exactly it should do. Within your scanner listener you could then call another servlet to close the session or redirect you to another page. It would actually take a modification to the host application though to do this. Basically it would be a screen that starts with #! in the first position with the command to parse after it. All the code is there to see how it works in scan() method. I think I posted something on this last week and that is how Wim does this within his application. Well actually from what I understand he passes whole processes to the scan listener to run custom objects but the concept is the same. Again unfortunately a modification of the host system to call the new display screen at the end though. That is the only way the applet/emulator would know when it should close down. I'd appreciate anyone's idea as to how to solve these two issues as simply as possible. Thanks, Hopefully the above helps. Am sure Wim could answer some more questions on this as that was what we came up with when he was asking about this. I had some very basic code implementing this idea in the emulator but Wim and his team went way further with it. Actually works like a charm. Regards Kenneth Pete Helgren --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tn5250j-general . --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ Tn5250j-general mailing list Tn5250j-general@lists.sourceforge.net https://lists.
