Re: iseries validation lists & logoff button

You can't change the value on the server side to do what you want.
Browser's store the user name and password locally and send it
everytime they make a request after someone logs in. The only way to
make the browser challenge the user again is to send a 401 response
back to the client but knowing when to do that can be tricky (it also
will pop up the login diaglog which is ugly).

The best way to do what you want is to use forms based authentication
to log in. When a person logs in, you store a cookie on thier PC with a
session id (you'll want the cookie to expire in a fairly short time so
they automatically get logged out if they just walk away) and store the
session id in a table that maps to thier user name. Instead of using
REMOTE_USER to find out who they are, you use the session id. You'll
also want to have a clean up job that runs periodically to clean up
your session table so it doesn't get huge. When I did this, I stored
the expiration date and time in the table to make it easier to tell
what needs to be deleted.

Matt

James Perkins wrote:
> "marty" <montrealhhh@xxxxxxxxxx> wrote in message
> news:1137604228.730021.99610@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> > This *sounds* like what I am looking for, but it is not clear that we
> > are talking about the same "environmental variables". I am using them
> > in CGI/HTTP server context.
> >
> > from Apache site:
> > "The Apache HTTP Server provides a mechanism for storing information in
> > named variables that are called environment variables. This information
> > can be used to control various operations such as logging or access
> > control. The variables are also used as a mechanism
> > to communicate with external programs such as CGI scripts.
> >
> > I found the reference in the IBM manual but it makes no reference to
> > CGI.
> > ref:
> > http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/cl/chgenvvar.htm
> >
> >
> Well, I don't know much about CGI/HTTP. Here we use Java and JSP's. The
> CHGENVVAR is an OS command. I guess I assumed since you are doing this in
> RPG it would be able to access this environment variable. How do you access
> this to get the username in your RPG programs? I would assume there has to
> be a way to do this. Sorry I'm not much help.
>
> James R. Perkins

.

Loading