Henrik's work looks very interesting. I have seen similar techniques at e-commerce sites, but couldn't figure out what was happening in the URL.
Validation lists may be easier to implement. I had overlooked this feature assuming that they were a sub-species of Authorization lists. However,with Validation lists, can I pick up User ID as an environmental variable when required like in auth. lists? Do I have to build in page-by-page validation? marty --- In [email protected], Tom Jedrzejewicz <[EMAIL PROTECTED]> wrote: > > On 1/5/06, itpweb1 <[EMAIL PROTECTED]> wrote: > > I have a question for CGIDEV2 developers who have developed (or > > thought about) applications with a form of user validation and page > > security, but do create a user profile for each unique user. > > > > That is to say, they do not want to use AS400(or NT/UNIX) > > userID/password (with or without authorization lists) because there > > are potentially too many users or have other business reason(s) not to > > do this. > > > > My question is: what strategy of validation/page security are you > > using? What are advantages/disadvantages of your method and is it > > suitable for the WWW as well as a controlled intranet. > > There is a discussion and tutorial of this very topic on the Easy400 > site (http://www-922.ibm.com/en) - see Deliverables then "Web Security > Made Easy". > Validation lists along with existing Apache capabilities might just > fill the bill. > > > Also is "too many users" a good excuse for not using as/400 user > > profiles/auth lists to validate users? > > A better excuse is to eliminate the possibility that the user can > access anything but the web site. If you create user profiles you > have to worry about securing everything else on the system. > > Good luck > > -- > Tom Jedrzejewicz > [EMAIL PROTECTED] > Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/Easy400Group/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
