PH Web and OpenVMS

Fri Jun 20 12:54:29 CDT 2008

OK with this, but you won't have access to the webs erver/system with 
your paypal username and password....like your OpenVMS username / Password.

Etienne

Johnson, Harold A EDUC:EX a écrit :
> Unless it's using SSL I imagine and protected - I've got many web 
> accounts (ebay, paypal, bank, etc.) where I have to input a password, so 
> I don't imagine this is an issue.
> 
> ------------------------------------------------------------------------
> *From:* Peter Bateman [mailto:peterbateman808 at hotmail.com]
> *Sent:* Thu, June 19, 2008 3:21 PM
> *To:* Johnson, Harold A EDUC:EX; powerh-l at lists.sowder.com
> *Subject:* RE: PH Web and OpenVMS
> 
>        Hi Harold:
>  
>           It seems to me that we really don't want to be passing 
> passwords around on the web!
>       
>       Regards,
>       Peter
> 
> 
>     ------------------------------------------------------------------------
>     Subject: RE: PH Web and OpenVMS
>     Date: Wed, 18 Jun 2008 16:15:58 -0700
>     From: Harold.A.Johnson at gov.bc.ca
>     To: peterbateman808 at hotmail.com; powerh-l at lists.sowder.com
> 
>     Thanks.   Yes, we'd like to allow the user to connect to the PH Web
>     screen (from anywhere), enter an existing OpenVMS user Id and
>     password and compare them with the existing use id and password from
>     the OpenVMS system.    If I read this correctly, it should be
>     possible to do this?    This would allow us to grant access to
>     current OpenVMS users (those using a Powerhouse application for
>     example) to specific built functions using PH Web and be able to to
>     identify them without having to build or store another set of user
>     ids/passwords.
>      
>     I'm not aware of anyone using PH Web with BCeIDs.
>      
> 
>     ------------------------------------------------------------------------
>     *From:* Peter Bateman [mailto:peterbateman808 at hotmail.com]
>     *Sent:* Wed, June 18, 2008 12:56 PM
>     *To:* Johnson, Harold A EDUC:EX; powerh-l at lists.sowder.com
>     *Subject:* RE: PH Web and OpenVMS
> 
>            HI Harold:
>      
>      
>              When someone signs into PowerHouse Web they are part of
>              UNKNOWN Application Security Class unless there username
>              is in the WEBLOGONID list and WEBLOGONID is the selected
>     method.
>              Usernames in the UAF would not necessarily
>              be identifiable to PowerHouse Web.
>              I am not sure how the username is entered on the web page.  
>              I suspect that PowerHouse web prompts for the username.
>              
>              You could create a public PowerHouse web page.
>                    prompt for username and password.
>              Where the username  and the encrpyted the
>              password must be on must be on SYSUAF.
>           
>               According to
>     http://download.paipai.net/texts/alt-2600%20FAQ.txt
>               "To check an OpenVMS password, you need to extract the
>     password and the
>     password salt from the UAF using $GETUAI and then create a hash ( of
>     the entered password )
>     based on that salt using $HASH_PASSWORD. Compare that hash with the
>     one from the
>     UAF to determine if the password is the same."
> 
>              Has anyone got PowerHouse Web to work BCEIDs?
>     Regards,
>     Peter Bateman
>      
> 
>     * *
> 
>     *VERSION 8.4E*
> 
>     *PDL AND UTILITIES REFERENCE
>     *     *
>     *
> 
>     *WEBLOGONID username [[,] username]...*
> 
>     Assigns user names that are potential members of this ASC. Username
>     is case sensitive.
> 
>     When PowerHouse Web opens a dictionary it checks the ID method in
>     the APPLICATION
> 
>     SECURITY ID METHOD option of the SYSTEM OPTIONS statement. If the ID
>     method is
> 
>     WEBLOGONID, PowerHouse Web checks authenticated usernames against
>     the list of usernames
> 
>     in the WEBLOGONID option. If the authenticated username is listed in
>     a WEBLOGONID option
> 
>     of an ASC statement, the user becomes a member of that ASC and the
>     KNOWN class. If an
> 
>     authenticated username is not listed in any WEBLOGONID option of any
>     ASC statement, the
> 
>     user is treated as a member of the ANONYMOUS class and the UNKNOWN
>     class.
> 
>     If there is no authenticated username, or the ASC ID METHOD is not
>     WEBLOGONID, the user
> 
>     becomes a member of the ASC UNKNOWN.
> 
>         ------------------------------------------------------------------------
>         Subject: PH Web and OpenVMS
>         Date: Wed, 18 Jun 2008 11:11:21 -0700
>         From: Harold.A.Johnson at gov.bc.ca
>         To: powerh-l at lists.sowder.com
> 
>         Hi everyone.   We are thinking of using PH Web and OpenVMS in
>         the following way:
> 
>         Is possible to access the VMS login (user_id/password) from a
>         Powerhouse WEB screen and use this information to authenticate
>         the person logging in, instead of creating a whole new user
>         id/login process?  If so, does anyone know where I can find
>         information on this?
> 
>         thnx!
> 
> 
>          
> 
> 
>     ------------------------------------------------------------------------
>     <http:///>
> 
> 
> ------------------------------------------------------------------------
> 