This is actually a 'hard' problem in IT, particularly with some large ERP packages, a German one being a particularly aggravating example. ;-)
However, in a UniVerse environment, if you have source code, it's not too difficult. [The fact that other packages / systems make it seem so hard is a bit of a mystery to me] What you need to do, at the place where you would otherwise ask the user to input a UserID & Password, is *trust* that the identity of the currently logged-in user has been verified by the identity management system (in our case Windows Active Directory services). So, don't ask the user for their ID, it's already there in @LOGNAME. As an additional check, if the user is about to change some piece of information which might be of particular concern (like the Bank Account Number their pay goes into) you can ask them to re-enter their password (displaying **** instead of the actual password course) and use the manufacturer-supplied API to check that the input password matches the user-ID. HTH Mike > -----Original Message----- > From: [EMAIL PROTECTED] On Behalf Of Charles Barouch > Sent: Friday, 20 April 2007 07:10 > To: u2-users@listserver.u2ug.org > Subject: Re: [U2] Single Signon for U2 - Identity Management ? > > All, > I *believe* Baker is looking to have people put in their User ID & > Password exactly once, and not have to re-enter it for each process > (UniVerse, E-mail, Mapped Directories, etc.). Basically, he wants > logging on in the morning to preclude having to even think about > identity until you log off. > > - Chuck "Speaking for Baker, Even Though He's Here To Speak For > Himself" Barouch > > > -----Original Message----- > > From: [EMAIL PROTECTED] On Behalf Of Baker Hughes > > Sent: 19 April 2007 14:49 > > To: u2-users@listserver.u2ug.org > > Subject: [U2] Single Signon for U2 - Identity Management ? > > [snip] > > > > Does anyone know of an Identity Management Suite that is U2 > > aware? > > [snip] > > > > What we need - single signon and immediate access to those systems, > > servers, storage that your identity allows. Whatever you don't have > > rights to, you can't see (an old Novell concept that Microslop still > > doesn't get). > > > > Thanks for any guidance. > > > > -Baker > > ------- > > u2-users mailing list > > u2-users@listserver.u2ug.org > > To unsubscribe please visit http://listserver.u2ug.org/ The information contained in this Internet Email message is intended for the addressee only and may contain privileged information, but not necessarily the official views or opinions of the New Zealand Defence Force. If you are not the intended recipient you must not use, disclose, copy or distribute this message or the information in it. If you have received this message in error, please Email or telephone the sender immediately. ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
