PH Web and OpenVMS

Peter Bateman peterbateman808 at hotmail.com
Wed Jun 18 14:56:15 CDT 2008 

       HI Harold:           When someone signs into PowerHouse Web they are part of         UNKNOWN Application Security Class unless there username         is in the WEBLOGONID list and WEBLOGONID is the selected method.          Usernames in the UAF would not necessarily         be identifiable to PowerHouse Web.
         I am not sure how the username is entered on the web page.  
         I suspect that PowerHouse web prompts for the username.         
         You could create a public PowerHouse web page.
               prompt for username and password.
         Where the username  and the encrpyted the 
         password must be on must be on SYSUAF.
      
          According to http://download.paipai.net/texts/alt-2600%20FAQ.txt
          "To check an OpenVMS password, you need to extract the password and thepassword salt from the UAF using $GETUAI and then create a hash ( of the entered password )
based on that salt using $HASH_PASSWORD. Compare that hash with the one from theUAF to determine if the password is the same."
         Has anyone got PowerHouse Web to work BCEIDs?Regards,Peter Bateman 
VERSION 8.4EPDL AND UTILITIES REFERENCE     
WEBLOGONID username [[,] username]...
Assigns user names that are potential members of this ASC. Username is case sensitive.
When PowerHouse Web opens a dictionary it checks the ID method in the APPLICATION
SECURITY ID METHOD option of the SYSTEM OPTIONS statement. If the ID method is
WEBLOGONID, PowerHouse Web checks authenticated usernames against the list of usernames
in the WEBLOGONID option. If the authenticated username is listed in a WEBLOGONID option
of an ASC statement, the user becomes a member of that ASC and the KNOWN class. If an
authenticated username is not listed in any WEBLOGONID option of any ASC statement, the
user is treated as a member of the ANONYMOUS class and the UNKNOWN class.
If there is no authenticated username, or the ASC ID METHOD is not WEBLOGONID, the userbecomes a member of the ASC UNKNOWN.


Subject: PH Web and OpenVMSDate: Wed, 18 Jun 2008 11:11:21 -0700From: Harold.A.Johnson at gov.bc.caTo: powerh-l at lists.sowder.com


Hi everyone.   We are thinking of using PH Web and OpenVMS in the following way:
Is possible to access the VMS login (user_id/password) from a Powerhouse WEB screen and use this information to authenticate the person logging in, instead of creating a whole new user id/login process?  If so, does anyone know where I can find information on this?
thnx!
 
_________________________________________________________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sowder.com/pipermail/powerh-l/attachments/20080618/f7a0682d/attachment.htm

More information about the powerh-l mailing list