How to authenticate users using RACF for applications running in CICS Web support using existing sof

Home
Topics
IBM System z and Mainframe Systems
Mainframe operating systems and management
How to authenticate users using RACF for applications running in CICS Web support using existing sof

How to authenticate users using RACF for applications running in CICS Web support using existing sof

How to authenticate users using RACF for applications running in CICS Web Support (CWS) using existing software? The IBM sample programs either
(1) Invoke HTTP Basic Authentication, which allows Internet Explorer users to save their passwords - permitting unauthorized users to sign-on using cached passwords or
(2) Result in non-persistent verifications requiring user to present credentials at every page change. We need persistent verified user-id and no stored passwords.

Jim Leinbach, of H&W Computer Systems, wrote a 2-part article for NASPA's Tech Support magazine January 2001. Part 1 describes session cookies as your answer and can be viewed/downloaded at http://www.naspa.com/PDF/2001/0101%20PDF/T0101001.pdf

. Part 2 is at http://www.naspa.com/PDF/2001/0201%20PDF/T0102003.pdf

. From my reading of the article "session cookies" might be just what you want. Basically, the analyzer can verify credentials initially and send back a token to be used as a session cookie which doesn't have to be stored on PC. You still have the problem of someone logging on then leaving while session still active only to have one of those durn interlopers sit down. Specialized peripherals like the Logitech Optical Whoopee Cushion can detect that security breach but ... {smile}

Dig Deeper

People who read this also read...

Related glossary terms

Terms for Whatis.com - the technology online dictionary

Show me more

This was first published in August 2006

More from Related TechTarget Sites

Windows Server
Enterprise Linux
Server Virtualization
Cloud computing
Virtual Data Centre

Windows Server
- Managing access control with Windows Rights Management Services
  
  Active Directory's Rights Management Services is a good way of managing access to data, but there are caveats.
- Bringing Windows RDS to the web: Designing the DMZ
  
  Remote Desktop Gateway secures Internet access for Remote Desktop Services applications – if you set it up properly.
- Deciding between blade and rack-mount gear for Windows Server 2008
  
  Are you looking for scalability or performance? It's important to understand your needs before choosing a Windows Server hardware solution.
Enterprise Linux
- Talking with the expert: Take control with the Linux command line
  
  Linux expert William E. Shotts Jr. wants more Linux users to discover the command line and tap the advanced functionality below the GUI.
- Search and replace on steroids: Do more with these sed commands
  
  These tips can help administrators help themselves through advanced text editing with the UNIX Stream Editor (sed) utility.
- SearchEnterpriseLinux’s top five Linux tips of 2011
  
  Popular tips for Linux administrators in 2011 included systems management tool use and management, Linux security and Linux command line shortcuts. Did you miss a hot Linux admin tip this year?
Server Virtualization
- Virtualization disaster recovery tools: No silver bullet solution
  
  There’s a flood of virtualization disaster recovery tools available, but an effective DR plan may require a combination of technologies and products.
- Shedding light on Hyper-V 3.0 resource monitoring
  
  Hyper-V 3.0 will feature new resource-monitoring capabilities, which will be a boon for multi-tenant environments that need to calculate chargeback.
- VCP 5 certification course deadline looms over VMware pros
  
  VMware pros, who are under pressure to complete their VCP 5 exam before Feb. 29 to avoid additional requirements, yearn for Microsoft-style exams.
Cloud computing
- Keys to integrated cloud application management
  
  Seamless cloud application management isn’t a pipe dream. By following a few steps, cloud admins can monitor cloud app performance from one interface.
- Cloud infrastructure providers remain hot commodities
  
  Cloud infrastructure providers attracted acquisitive suitors last year. Profitable cloud vendors this year will catch the eye of telecoms.
- Digging deeper into IBM SmartCloud for private clouds
  
  IBM SmartCloud services give enterprises some options to build private and hybrid clouds and may give IBM a chance to improve its lagging cloud image.
Virtual Data Centre
- Palmer's College scores on virtualisation, data centre consolidation
  
  Palmer's College's virtualisation and data centre consolidation project did not just improve IT efficiency and scalability, but also saves on data centre cooling costs.
- How IT can convince stakeholders of the value of technology projects
  
  IT professionals must take data centre measures to convince stakeholders of the business value of technology projects. This will help IT emerge as a valuable business resource.
- Virtualisation, cloud and compliance are top priorities for IT in 2012
  
  A TechTarget study finds that IT pros’ main priorities for 2012 are virtualisation, cloud computing and compliance. Experts show how they can carry these out with limited budget.

All Rights Reserved, Copyright - 2012, TechTarget