PH Web and OpenVMS

Johnson, Harold A EDUC:EX Harold.A.Johnson at gov.bc.ca
Wed Jun 18 18:15:58 CDT 2008 

Thanks.   Yes, we'd like to allow the user to connect to the PH Web
screen (from anywhere), enter an existing OpenVMS user Id and password
and compare them with the existing use id and password from the OpenVMS
system.    If I read this correctly, it should be possible to do this?
This would allow us to grant access to current OpenVMS users (those
using a Powerhouse application for example) to specific built functions
using PH Web and be able to to identify them without having to build or
store another set of user ids/passwords.
 
I'm not aware of anyone using PH Web with BCeIDs.
 

________________________________

From: Peter Bateman [mailto:peterbateman808 at hotmail.com] 
Sent: Wed, June 18, 2008 12:56 PM
To: Johnson, Harold A EDUC:EX; powerh-l at lists.sowder.com
Subject: RE: PH Web and OpenVMS


       HI Harold:
 
 
         When someone signs into PowerHouse Web they are part of
         UNKNOWN Application Security Class unless there username
         is in the WEBLOGONID list and WEBLOGONID is the selected
method. 
         Usernames in the UAF would not necessarily
         be identifiable to PowerHouse Web.
         I am not sure how the username is entered on the web page.  
         I suspect that PowerHouse web prompts for the username.
         
         You could create a public PowerHouse web page.
               prompt for username and password.
         Where the username  and the encrpyted the 
         password must be on must be on SYSUAF.
      
          According to
http://download.paipai.net/texts/alt-2600%20FAQ.txt
          "To check an OpenVMS password, you need to extract the
password and the
password salt from the UAF using $GETUAI and then create a hash ( of the
entered password )
based on that salt using $HASH_PASSWORD. Compare that hash with the one
from the
UAF to determine if the password is the same."

         Has anyone got PowerHouse Web to work BCEIDs?
Regards,
Peter Bateman
 



VERSION 8.4E

PDL AND UTILITIES REFERENCE
     


WEBLOGONID username [[,] username]...

Assigns user names that are potential members of this ASC. Username is
case sensitive.

When PowerHouse Web opens a dictionary it checks the ID method in the
APPLICATION

SECURITY ID METHOD option of the SYSTEM OPTIONS statement. If the ID
method is

WEBLOGONID, PowerHouse Web checks authenticated usernames against the
list of usernames

in the WEBLOGONID option. If the authenticated username is listed in a
WEBLOGONID option

of an ASC statement, the user becomes a member of that ASC and the KNOWN
class. If an

authenticated username is not listed in any WEBLOGONID option of any ASC
statement, the

user is treated as a member of the ANONYMOUS class and the UNKNOWN
class.

If there is no authenticated username, or the ASC ID METHOD is not
WEBLOGONID, the user

becomes a member of the ASC UNKNOWN.



________________________________

	Subject: PH Web and OpenVMS
	Date: Wed, 18 Jun 2008 11:11:21 -0700
	From: Harold.A.Johnson at gov.bc.ca
	To: powerh-l at lists.sowder.com
	
	

	Hi everyone.   We are thinking of using PH Web and OpenVMS in
the following way:

	Is possible to access the VMS login (user_id/password) from a
Powerhouse WEB screen and use this information to authenticate the
person logging in, instead of creating a whole new user id/login
process?  If so, does anyone know where I can find information on this?

	thnx!

	
	 


________________________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sowder.com/pipermail/powerh-l/attachments/20080618/9b555225/attachment-0001.htm

More information about the powerh-l mailing list