<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt;
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class='hmmessage'>
HI Vaughn:<BR>
<BR>
<BR>
When someone signs into PowerHouse Web they are part of<BR>
UNKNOWN Application Security Class unless there username<BR>
is in the WEBLOGONID list and WEBLOGONID is the selected . <BR>
Usernames in the UAF would not necessarily<BR>
be identifiable to PowerHouse Web.<BR>
<BR>
I believe they have to be identified some other way;<BR>
usually username and password.<BR>
Has anyone got PowerHouse Web to work BCEIDs?<BR>
Regards,<BR>
Peter Bateman<BR>
<BR><B><FONT face=BellGothic-Black size=1>
<P align=left>VERSION 8.4E</P>
PDL AND UTILITIES REFERENCE<BR>
</B></FONT> <B><FONT face=BellGothic-Black size=3><BR>
<P align=left>WEBLOGONID username [[,] username]...</P></B></FONT><FONT face=SabonLTStd-Roman size=2>
<P align=left>Assigns user names that are potential members of this ASC. Username is case sensitive.</P>
<P align=left>When PowerHouse Web opens a dictionary it checks the ID method in the APPLICATION</P>
<P align=left>SECURITY ID METHOD option of the SYSTEM OPTIONS statement. If the ID method is</P>
<P align=left>WEBLOGONID, PowerHouse Web checks authenticated usernames against the list of usernames</P>
<P align=left>in the WEBLOGONID option. If the authenticated username is listed in a WEBLOGONID option</P>
<P align=left>of an ASC statement, the user becomes a member of that ASC and the KNOWN class. If an</P>
<P align=left>authenticated username is not listed in any WEBLOGONID option of any ASC statement, the</P>
<P align=left>user is treated as a member of the ANONYMOUS class and the UNKNOWN class.</P>
<P align=left>If there is no authenticated username, or the ASC ID METHOD is not WEBLOGONID, the user</P>
becomes a member of the ASC UNKNOWN.<BR>
</FONT><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR> <BR>
<BLOCKQUOTE>
<HR>
Subject: Powerhouse Web user authentication<BR>Date: Thu, 24 Apr 2008 12:54:23 -0700<BR>From: Vaughn.Smith@gov.bc.ca<BR>To: powerh-l@lists.sowder.com<BR><BR>
<META content="Microsoft SafeHTML" name=Generator>
<FONT face=Arial size=2>We have PH Web running on an Alpha OpenVMS. The documentation says</FONT> <BR><FONT face=Arial size=2>that user authentication is handled by handled outside of PH and the dictionary.</FONT> <BR><FONT face=Arial size=2>Can the authentication reference the OpenVMS user authorization file or does</FONT> <BR><FONT face=Arial size=2>it need to be something else entirely?</FONT> <BR><FONT face=Arial size=2>Thanks!</FONT> <BR><B><FONT face=Arial size=2>Vaughn Smith<BR></FONT></B><FONT face=Arial size=2>Senior Business Analyst<BR>Information & Technology Management Branch<BR>Ministry of Advanced Education<BR>___________________________________________</FONT> <BR><I><FONT face=Arial size=2>email: Vaughn.Smith@gov.bc.ca<BR>phone: 250.387.8907<BR>fax: 250.356.0033</FONT></I> <BR><FONT face=Arial size=2>From the Cognos PH Web documentation:</FONT> <BR>
<B><FONT face=BellGothic-Black size=5>Authentication and Access Control</FONT></B> <BR><FONT face=SabonLTStd-Roman size=2>To restrict access to known users, some Web servers allow you to specify that a username and</FONT> <BR><FONT face=SabonLTStd-Roman size=2>password must be entered before a specific folder or file is accessed.</FONT> <BR><FONT face=SabonLTStd-Roman size=2>Authentication is the process of prompting for and verifying the username and password. Access</FONT> <BR><FONT face=SabonLTStd-Roman size=2>control ensures that resources such as folders and files are only accessible to authenticated users.</FONT> <BR><FONT face=SabonLTStd-Roman size=2>Refer to your Web server documentation to find out how to set up authentication and access</FONT> <BR><FONT face=SabonLTStd-Roman size=2>control for your Web server. Note that the username and password list used for authentication is</FONT> <BR><FONT face=SabonLTStd-Roman size=2>separate from PowerHouse Web and the PowerHouse dictionary. Maintaining the username and</FONT> <BR><FONT face=SabonLTStd-Roman size=2>password list is done outside of PowerHouse Web.</FONT> <BR><FONT face=SabonLTStd-Roman size=2>By requiring a password to access the PHCGI, you can ensure that only known users can access</FONT> <BR><FONT face=SabonLTStd-Roman size=2>PowerHouse Web applications. However, most applications have some pages that you want to</FONT> <BR><FONT face=SabonLTStd-Roman size=2>protect, and some that can be open to public view. In this case, you use two copies of the PHCGI,</FONT> <BR><FONT face=SabonLTStd-Roman size=2>one as a protected resource requiring authentication to access and the other unprotected. Once</FONT> <BR><FONT face=SabonLTStd-Roman size=2>you have both protected and unprotected copies of the PHCGI, you still need to control access at</FONT> <BR><FONT face=SabonLTStd-Roman size=2>the page level. Controlling page access is required because you can't prevent someone from typing</FONT> <BR><FONT face=SabonLTStd-Roman size=2>a URL pointing to the unprotected PHCGI using a page that is supposed to be protected.</FONT> <BR><FONT face=SabonLTStd-Roman size=2>PowerHouse Web can use the authenticated username to control access to the page. In addition,</FONT> <BR><FONT face=SabonLTStd-Roman size=2>the username can be used to control access to items and records through application security</FONT> <BR><FONT face=SabonLTStd-Roman size=2>specified in the dictionary.</FONT> <BR><BR><BR></BLOCKQUOTE><br /><hr />Sign in and you could WIN! Enter for your chance to win $1000 every day. <a href='http://g.msn.ca/ca55/216' target='_new'>Visit SignInAndWIN.ca today to learn more!</a></body>
</html>