<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt;
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class='hmmessage'>
Hi Harold:<BR>
<BR>
It seems to me that we really don't want to be passing passwords around on the web!<BR>
<BR>
Regards,<BR>
Peter<BR><BR><BR>
<BLOCKQUOTE>
<HR>
Subject: RE: PH Web and OpenVMS<BR>Date: Wed, 18 Jun 2008 16:15:58 -0700<BR>From: Harold.A.Johnson@gov.bc.ca<BR>To: peterbateman808@hotmail.com; powerh-l@lists.sowder.com<BR><BR>
<META content="Microsoft SafeHTML" name=Generator>
<STYLE>
.ExternalClass .EC_hmmessage P
{padding-right:0px;padding-left:0px;padding-bottom:0px;padding-top:0px;}
.ExternalClass BODY.EC_hmmessage
{font-size:10pt;font-family:Tahoma;}
</STYLE>
<DIV dir=ltr align=left><SPAN class=EC_905321223-18062008><FONT face=Arial color=#0000ff>Thanks. Yes, we'd like to allow the user to connect to the PH Web screen (from anywhere), enter an existing OpenVMS user Id and password and compare them with the existing use id and password from the OpenVMS system. If I read this correctly, it should be possible to do this? This would allow us to grant access to current OpenVMS users (those using a Powerhouse application for example) to specific built functions using PH Web and be able to to identify them without having to build or store another set of user ids/passwords.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=EC_905321223-18062008><FONT face=Arial color=#0000ff></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=EC_905321223-18062008><FONT face=Arial color=#0000ff>I'm not aware of anyone using PH Web with BCeIDs.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=EC_905321223-18062008><FONT face=Arial color=#0000ff></FONT></SPAN> </DIV><BR>
<DIV class=EC_OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR>
<FONT face=Tahoma><B>From:</B> Peter Bateman [mailto:peterbateman808@hotmail.com] <BR><B>Sent:</B> Wed, June 18, 2008 12:56 PM<BR><B>To:</B> Johnson, Harold A EDUC:EX; powerh-l@lists.sowder.com<BR><B>Subject:</B> RE: PH Web and OpenVMS<BR></FONT><BR></DIV>
<DIV></DIV> HI Harold:<BR> <BR> <BR> When someone signs into PowerHouse Web they are part of<BR> UNKNOWN Application Security Class unless there username<BR> is in the WEBLOGONID list and WEBLOGONID is the selected method. <BR> Usernames in the UAF would not necessarily<BR> be identifiable to PowerHouse Web.<BR> I am not sure how the username is entered on the web page. <BR> I suspect that PowerHouse web prompts for the username.<BR> <BR> You could create a public PowerHouse web page.<BR> prompt for username and password.<BR> Where the username and the encrpyted the <BR> password must be on must be on SYSUAF.<BR> <BR> According to <A href="http://download.paipai.net/texts/alt-2600%20FAQ.txt" target=_blank>http://download.paipai.net/texts/alt-2600%20FAQ.txt</A><BR> "To check an OpenVMS password, you need to extract the password and the<BR>password salt from the UAF using $GETUAI and then create a hash ( of the entered password )<BR>based on that salt using $HASH_PASSWORD. Compare that hash with the one from the<BR>UAF to determine if the password is the same."<BR><BR> Has anyone got PowerHouse Web to work BCEIDs?<BR>Regards,<BR>Peter Bateman<BR> <BR><BR><B><FONT face=BellGothic-Black size=1>
<P align=left>VERSION 8.4E</P>PDL AND UTILITIES REFERENCE<BR></B></FONT> <B><FONT face=BellGothic-Black size=3><BR>
<P align=left>WEBLOGONID username [[,] username]...</P></B></FONT><FONT face=SabonLTStd-Roman size=2>
<P align=left>Assigns user names that are potential members of this ASC. Username is case sensitive.</P>
<P align=left>When PowerHouse Web opens a dictionary it checks the ID method in the APPLICATION</P>
<P align=left>SECURITY ID METHOD option of the SYSTEM OPTIONS statement. If the ID method is</P>
<P align=left>WEBLOGONID, PowerHouse Web checks authenticated usernames against the list of usernames</P>
<P align=left>in the WEBLOGONID option. If the authenticated username is listed in a WEBLOGONID option</P>
<P align=left>of an ASC statement, the user becomes a member of that ASC and the KNOWN class. If an</P>
<P align=left>authenticated username is not listed in any WEBLOGONID option of any ASC statement, the</P>
<P align=left>user is treated as a member of the ANONYMOUS class and the UNKNOWN class.</P>
<P align=left>If there is no authenticated username, or the ASC ID METHOD is not WEBLOGONID, the user</P>becomes a member of the ASC UNKNOWN.</FONT><BR><BR>
<BLOCKQUOTE>
<HR>
Subject: PH Web and OpenVMS<BR>Date: Wed, 18 Jun 2008 11:11:21 -0700<BR>From: Harold.A.Johnson@gov.bc.ca<BR>To: powerh-l@lists.sowder.com<BR><BR>
<DIV dir=ltr align=left>
<P class=EC_EC_MsoNormal><SPAN lang=EN-CA style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><SPAN class=EC_EC_853540918-18062008>Hi everyone. We are thinking of using PH Web and OpenVMS in the following way:</SPAN></SPAN></P>
<P class=EC_EC_MsoNormal><SPAN lang=EN-CA style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Is possible to access the VMS login (user_id/password) from a Powerhouse WEB screen and use this information to authenticate the person logging in<SPAN class=EC_EC_853540918-18062008>, instead of creating a whole new user id/login process? If so, does anyone know where I can find information on this?</SPAN></SPAN></P>
<P class=EC_EC_MsoNormal><SPAN lang=EN-CA style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><SPAN class=EC_EC_853540918-18062008>thnx!</SPAN></SPAN></P>
<P class=EC_EC_MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT><BR> </P></DIV></BLOCKQUOTE><BR>
<HR>
<A href="http:///" target=_blank></A></BLOCKQUOTE><br /><hr /> <a href='' target='_new'></a></body>
</html>