On Monday, 09/20/2010 at 02:47 EDT, David Boyes <[email protected]> wrote: > No one has mentioned the super-handy SESSION yet. SESSION allows you to define > and manage LDEV sessions from a existing CMS logon (if on the same system). I > don?t think it would be terrifically hard to add the ability to read the
> session authentication details from a file to SESSION. : > If you?re going to store PWs in a file, SFS is probably a slightly (note: > *slightly*) safer option. Gives you a bit more granular access control. I encourage folks NOT to create anything that makes it easier to store unencrypted passwords. I'd rather have an APPC/IUCV-based password server that will return a user's password if the requester hase been authorized to retrieve it. It could supply a RACF PassTicket or the value out of the directory. (The app doesn't care which it is.) (Almost) ANYTHING is better than creating password repository that must be audited and managed. (gag) Alan Altmark z/VM and Linux on System z Consultant IBM System Lab Services and Training ibm.com/systems/services/labservices office: 607.429.3323 [email protected] IBM Endicott
