02-04-2004 07:01 PM
As far as I found so far, ALL activities via web-access are done by WWW$APACHE, which is quite hard to trace back to a certain person.
I really would like to validate the accessor against SYSUAF, and allow/restrict access by granted rightsidentifiers, but if there is only a less "clean" way I would be willing to give it serious consideration.
The reason: nowadays the VMS applications are accessed by terminal emulator, but there is a really heavy management incentive that "all" functionality should be accessable "the same way", and for that way they chose Billy's IE.
At the moment serious development pilots are underway to replaced the VMS apps by some MS & some *NIX. To me that looks like spending LOTS of money to get to a reduced functionality with less security, but one GREAT advantage: it shows nice, flashy, colored displays that impress managers better than monochrome screens in character mode (and they can better use it to impress guests).
I would like to keep the VMS stuff and spend much less money, and if I can reach just about the same flashiness, then THAT would hopefully please management even better.
Any help welcome!
Solved! Go to Solution.
02-04-2004 08:31 PM
Purely Personal Opinion
02-04-2004 08:56 PM
Ian, I think I must have missed that one.
A period of excersising & testing is imminent. And then (I hope and expect) the demonstrating and all other political stuff.
02-06-2004 06:42 AM
My experience: This works GREAT: check against SYSUAF on username (password must be valid and non-expired, user must be non-captive, non-disuser....) and on rights_id.
I use these both. I can advise!
only point: passwords are passed as text so the site will require SSL to get it encrypted on the Internet (still working on that ;-()
OpenVMS Developer & System Manager