Handling Multiusers in PHWEB ( the late shift )

Deskin, Bob Bob.Deskin@Cognos.COM
Sat, 6 Nov 2004 07:14:00 -0500 

You make me laugh. Who's this Bob guy :-)

Bob

PS You should all know that I'm not wild about open heights and I'm getting very dizzy on this pedestal :-)

-----Original Message-----
From: powerh-l-admin@lists.sowder.com
[mailto:powerh-l-admin@lists.sowder.com]On Behalf Of brian_matthewsbrian
matthews
Sent: November 5, 2004 6:16 PM
To: powerh-l@lists.sowder.com
Subject: RE: Handling Multiusers in PHWEB ( the late shift )


having said that, subfile access isn't referenced in our PH 8.4 PH guide 
either, although it is in our PH handbooks and PH7 new features docs; but as 
Bob says it is valid, and thats all we need to know.

>From: "brian_matthewsbrian matthews" <brian_matthews_bmw@hotmail.com>
>To: robeconsult@sbcglobal.net, powerh-l@lists.sowder.com
>Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>Date: Fri, 05 Nov 2004 22:18:49 +0000
>
>'one' assumes its there because 'one' has seen it there in PH, and when 
>'one' looks for it in PHweb, 'one' 'SEES' that this is a wrong assumption; 
>therefore, metaphorically speaking, 'one' 'SEES' that it is'nt there :)
>
>Bri
>
>>From: "Robert Edis" <robeconsult@sbcglobal.net>
>>To: "PH List" <powerh-l@lists.sowder.com>
>>Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>>Date: Fri, 5 Nov 2004 08:19:09 -0600
>>
>>Excuse me  but how does one SEE something that isn't there? :)
>>
>>Blue
>>
>> > -----Original Message-----
>> > From: powerh-l-admin@lists.sowder.com
>> > [mailto:powerh-l-admin@lists.sowder.com]On Behalf Of 
>>brian_matthewsbrian
>> > matthews
>> > Sent: Thursday, November 04, 2004 11:48 PM
>> > To: powerh-l@lists.sowder.com
>> > Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>> >
>> >
>> > and only now do I see in my PH web docs that there is no mention
>> > of support
>> > for subfiles in quick :(
>> >
>> > >From: "brian_matthewsbrian matthews" <brian_matthews_bmw@hotmail.com>
>> > >To: powerh-l@lists.sowder.com
>> > >Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>> > >Date: Fri, 05 Nov 2004 03:29:24 +0000
>> > >
>> > >it now seems that we will set up the system to use SSH calls (
>> > Secure SHell
>> > >versions of the rcp, rsh, and rlogin programs ) to execute the script
>> > >files, and we will have web authentification ( along with
>> > ssl/HTTPS calls
>> > >to hide passwords ) to get the userid and password.
>> > >
>> > >So hopefully its all in the Unix/webserver configuration so no
>> > need to get
>> > >a password specifically by prompting from the PHWeb app after
>> > all; or even
>> > >prompt for a userid in our opening PHWeb page, because we can get the
>> > >userid value entered during the web authentication stage from the
>> > >weblogonid function.
>> > >
>> > >Have also taken up the idea of the userid + sysdate + systime
>> > record key,
>> > >but it turns out that we only need the userid because a given userid 
>>is
>> > >unique and will have the same env variables, which is all we are
>> > storing in
>> > >the the record.
>> > >
>> > >Hopefully it will work out this nicely when we start building/testing.
>> > >
>> > >P.S. nice web site Harold :)
>> > >
>> > >Bri
>> > >
>> > >
>> > >>From: "Joe Boyle" <joeboyle_adt@hotmail.com>
>> > >>To: <powerh-l@lists.sowder.com>
>> > >>Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>> > >>Date: Thu, 4 Nov 2004 17:19:16 -0000
>> > >>
>> > >>Jon,
>> > >>
>> > >>
>> > >>
>> > >>I notice that you specifically mentioned 'encrypted password' and I 
>>also
>> > >>wondered how wise this was when I saw that the password was being 
>>sent,
>> > >>but
>> > >>then I see that the call is as below, so presumably it cannot be seen 
>>by
>> > >>unwanted eyes ( can it ? )
>> > >>
>> > >>
>> > >>
>> > >>let t_get_vars_string = "/usr/bin/phwrscripts/get_user_vars.sh " +
>> > >>f_userid
>> > >>+ " " + f_passwd
>> > >>
>> > >>run command t_get_vars_string
>> > >>
>> > >>
>> > >>
>> > >>As for the file/record update, I would go for a key based on
>> > the userid +
>> > >>ascii(sysdate,8) + ascii(systime,8), set before the script was
>> > called from
>> > >>the web page ( also stored in a temp for record retrieval ) and
>> > sent as a
>> > >>third parameter; having passwords as a key segment is probably 
>>unwise.
>> > >>
>> > >>Regards, Joe.
>> > >>
>> > >>   _____
>> > >>
>> > >>From: powerh-l-admin@lists.sowder.com
>> > >>[mailto:powerh-l-admin@lists.sowder.com] On Behalf Of Bickel, Jon
>> > >>Sent: 04 November 2004 16:38
>> > >>To: powerh-l@lists.sowder.com
>> > >>Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>> > >>
>> > >>
>> > >>
>> > >>Joe,
>> > >>
>> > >>
>> > >>
>> > >>You are correct, my solution does only simulate the actual user.  In 
>>my
>> > >>situation, my only concern was correctly identifying the true user to
>> > >>present them with their individual menu - the process owner was not
>> > >>relevant.  However, I believe that a large part of my solution
>> > would also
>> > >>apply to the rlogin approach since the true username and encrypted
>> > >>password
>> > >>do get passed from browser to webserver to Unix.
>> > >>
>> > >>
>> > >>
>> > >>jb
>> > >>
>> > >>-----Original Message-----
>> > >>From: Joe Boyle [mailto:joeboyle_adt@hotmail.com]
>> > >>Sent: Thursday, November 04, 2004 10:11 AM
>> > >>To: 'Bickel, Jon'; powerh-l@lists.sowder.com
>> > >>Subject: RE: Handling Multiusers in PHWEB ( the late shift )
>> > >>
>> > >>Hi Jon ( all ),
>> > >>
>> > >>
>> > >>
>> > >>from Brian's suggested script I am guessing that he wants to run the
>> > >>process
>> > >>actually logged in as the user concerned, which is a solution I would 
>>be
>> > >>interested in myself.
>> > >>
>> > >>
>> > >>
>> > >>I have looked at your email again and your comment below, which 
>>suggests
>> > >>that your solution only simulates actually being logged in (
>> > which is also
>> > >>great if that is what you want :-)
>> > >>
>> > >>
>> > >>
>> > >>'The actual logonid of the session is still the web server
>> > administrator,
>> > >>but the temp space is effectively that of the true userid (and the 
>>true
>> > >>userid is available as an environmental variable for  all downstream
>> > >>processes).'
>> > >>
>> > >>
>> > >>
>> > >>I like the rlogin idea and wonder if it isn't possible to put the $2
>> > >>variable on the second line, to be picked up by the password request
>> > >>prompt,
>> > >>as below ? ( it's a while since I ran a rlogin call and I am
>> > assuming that
>> > >>there is a password prompt at this point )
>> > >>
>> > >>
>> > >>
>> > >>rlogin theserver -l $1
>> > >>
>> > >>$2
>> > >>
>> > >>
>> > >>
>> > >>
>> > >>
>> > >>Regards, Joe.
>> > >>
>> > >>
>> > >>
>> > >>This e-mail and all information contained in it is confidential
>> > and may be
>> > >>legally privileged. If you are not the intended recipient, your
>> > access to
>> > >>this e-mail is unauthorized. Any use, dissemination, distribution,
>> > >>publication or copying by you of this e-mail or any of the 
>>information
>> > >>contained within it is prohibited and may be unlawful. Do not open 
>>any
>> > >>attachments, delete it immediately from your system and notify
>> > the sender
>> > >>promptly by e-mail that you have done so. The content of this
>> > >>
>> > >>e-mail and any attachments sent with it may have been altered
>> > without the
>> > >>consent or knowledge of the author.
>> > >>
>> > >>
>> > >>
>> > >>
>> > >>
>> > >
>> > >_________________________________________________________________
>> > >Want to block unwanted pop-ups? Download the free MSN Toolbar now!
>> > >http://toolbar.msn.co.uk/
>> > >
>> > >= = = = = = = = = = = = = = = = = = = = = = = = = = = =
>> > >Mailing list: powerh-l@lists.sowder.com
>> > >Subscribe: "subscribe" in message body to
>> > powerh-l-request@lists.sowder.com
>> > >Unsubscribe: "unsubscribe <password>" in message body to
>> > >powerh-l-request@lists.sowder.com
>> > >http://lists.sowder.com/mailman/listinfo/powerh-l
>> > >This list is closed, thus to post to the list you must be a 
>>subscriber.
>> >
>> > _________________________________________________________________
>> > Express yourself with cool new emoticons
>> > http://www.msn.co.uk/specials/myemo
>> >
>> > = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>> > Mailing list: powerh-l@lists.sowder.com
>> > Subscribe: "subscribe" in message body to
>> > powerh-l-request@lists.sowder.com
>> > Unsubscribe: "unsubscribe <password>" in message body to
>> > powerh-l-request@lists.sowder.com
>> > http://lists.sowder.com/mailman/listinfo/powerh-l
>> > This list is closed, thus to post to the list you must be a subscriber.
>> >
>>
>>
>>= = = = = = = = = = = = = = = = = = = = = = = = = = = =
>>Mailing list: powerh-l@lists.sowder.com
>>Subscribe: "subscribe" in message body to 
>>powerh-l-request@lists.sowder.com
>>Unsubscribe: "unsubscribe <password>" in message body to 
>>powerh-l-request@lists.sowder.com
>>http://lists.sowder.com/mailman/listinfo/powerh-l
>>This list is closed, thus to post to the list you must be a subscriber.
>
>_________________________________________________________________
>Want to block unwanted pop-ups? Download the free MSN Toolbar now!  
>http://toolbar.msn.co.uk/
>
>= = = = = = = = = = = = = = = = = = = = = = = = = = = =
>Mailing list: powerh-l@lists.sowder.com
>Subscribe: "subscribe" in message body to powerh-l-request@lists.sowder.com
>Unsubscribe: "unsubscribe <password>" in message body to 
>powerh-l-request@lists.sowder.com
>http://lists.sowder.com/mailman/listinfo/powerh-l
>This list is closed, thus to post to the list you must be a subscriber.

_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! 
http://www.msn.co.uk/messenger

= = = = = = = = = = = = = = = = = = = = = = = = = = = =
Mailing list: powerh-l@lists.sowder.com
Subscribe: "subscribe" in message body to powerh-l-request@lists.sowder.com
Unsubscribe: "unsubscribe <password>" in message body to powerh-l-request@lists.sowder.com
http://lists.sowder.com/mailman/listinfo/powerh-l
This list is closed, thus to post to the list you must be a subscriber. 
  
       This message may contain privileged and/or confidential information.  If you have received this e-mail in error or are not the intended recipient, you may not use, copy, disseminate or distribute it; do not open any attachments, delete it immediately from your system and notify the sender promptly by e-mail that you have done so.  Thank you.