Thank you all for the feedback. Jim Gray ----- Original Message ----- From: "Doug Martin" <[EMAIL PROTECTED]> To: <hardhats-members@lists.sourceforge.net> Sent: Saturday, June 10, 2006 8:03 AM Subject: Re: [Hardhats-members] CPRS auto log in
> The VA's broker-based single sign-on solution is extremely problematic > for some of the reasons outlined below. It will also not work where > concurrent NT logins are allowed or where generic user accounts are in > use. But most seriously, if a broker application terminates improperly, > any subsequent login will be automatically authenticated as that user. > It is simply not a robust solution and there are very few environments > where it can be considered safe. > > Doug > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > David Sommers > Sent: Friday, June 09, 2006 11:52 PM > To: hardhats-members@lists.sourceforge.net > Subject: Re: [Hardhats-members] CPRS auto log in > > It tracks it via IP which is why it has to be disabled when using > Terminal Services since all users are logged into a multi-session > instance from the same IP (ie terminal/citrix server) > > So if you login via RPC from IP 192.168.0.2, it'll track that so that > any future logins just "let you in". I don't think it was meant to be > secure by any stretch of the imagination. That process with be > susceptible to many methods of intrusion including man-in-the-middle and > impersonation. > > /David. > > > David Sommers, Architect | Dialog Medical > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > James Gray > Sent: Wednesday, June 07, 2006 11:52 AM > To: hardhats-members@lists.sourceforge.net > Subject: Re: [Hardhats-members] CPRS auto log in > > I found the documentation on how to control from a system point of view > using the fields in file 200 and the Kernel Parameters file. I did not > find > anything about how to control this from a programmer perspective. Is > there > documentation on that issue? > > Jim Gray > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <hardhats-members@lists.sourceforge.net> > Sent: Tuesday, June 06, 2006 3:05 PM > Subject: Re: [Hardhats-members] CPRS auto log in > > >> It uses the auto logon feature of the RPC broker, the broker handles >> all of the particulars in regard to who is who. >> >> ----- Original Message ----- >> From: James Gray <[EMAIL PROTECTED]> >> Date: Tuesday, June 6, 2006 2:11 pm >> Subject: [Hardhats-members] CPRS auto log in >> To: hardhats-members@lists.sourceforge.net >> Cc: [EMAIL PROTECTED] >> >>> How does the auto-login feature of CPRS work. How does it know >>> who you are and to assign the right DUZ? >>> >>> Jim Gray >> >> >> _______________________________________________ >> Hardhats-members mailing list >> Hardhats-members@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/hardhats-members > > > > _______________________________________________ > Hardhats-members mailing list > Hardhats-members@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/hardhats-members > > > _______________________________________________ > Hardhats-members mailing list > Hardhats-members@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/hardhats-members > > > _______________________________________________ > Hardhats-members mailing list > Hardhats-members@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/hardhats-members _______________________________________________ Hardhats-members mailing list Hardhats-members@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/hardhats-members