| | | | Password File
Setting Up the Password File | Sample Password File
One of the methods you can use to authenticate a web browser user is to check the user against the contents of a password file. A password file contains a site-maintained list of user names (for example, userids), their passwords, and, optionally, private information. To indicate that you want VM:Webgateway to use a password file, place a PASSWORD FILE access control record in a DIRMAP file or ACCESS file. When VM:Webgateway encounters a PASSWORD FILE access control record and one of the following access control records, it reads a password file to authenticate the web browser user that is requesting data: Specify the name and location of the password file on the PASSWORD FILE record. A password file can reside on any minidisk, SFS directory, or BFS directroy on your system. You can have more than one password file. However, for each request to serve data, VM:Webgateway can use only one password file. This means that VM:Webgateway should encounter only one PASSWORD access control record when processing a request to serve data. Perform the following steps to set up the password file: - Place a user name (for example, a userid), password, and optional private information on each line of the file.
The user name must start in column one. The line is blank delimited; that is, the user name, password, and optional private information must be separated by at least one blank. Blank lines and comments are not permitted. VM:Webgateway does not use the private information. You can use it to hold information for a site-defined application. For example, it can hold a database password that is different from a user's password. VM:Webgateway authenticates a user name supplied by the web browser user by comparing it with the user names specified in the password file. If a match is found and the line contains private information, VM:Webgateway stores the private information from the matching line in the CGI variable, X_AUTH_PRIVATE_INFO. - Make sure the user names and passwords are in the correct case.
The user names and passwords are case sensitive. VM:Webgateway does not translate the case of the user names and passwords in the password file when comparing them to the user name and password supplied by a web browser user. VM:Webgateway may translate the case of the user name and password supplied by the web browser user. Specify how you want VM:Webgateway to translate the user name and password supplied by the web browser user by using the case parameter (UPPER, MIXED, LOWER) of the PASSWORD FILE record. For example, if the UPPER parameter is specified on the PASSWORD FILE record, VM:Webgateway translates the user name and password supplied by the web browser user to uppercase before comparing it with the user names and passwords in the password file. In this case, the user names and passwords must be uppercase in the password file to match. - Sort the password file by user name.
Sort the file using EBCDIC collating sequence. That is, you must sort the file on a system that uses EBCDIC, such as VM. Use the XEDIT SORT command or the SORT stage with a CMS PIPE command to sort the file. XEDIT SORT The following shows how to sort the password file when the user names are in columns 1-8: - Enter the XEDIT command to edit the password file.
- From the XEDIT command line, enter:
SORT * A 1 8 CMS PIPE Command To sort the password file using the CMS PIPE command, enter the PIPE command from CMS. In the following example, the password file is PASSWD FILE A and the user names are in columns 1-8: PIPE < PASSWD FILE A | SORT 1-8 ASCENDING | > PASSWD FILE A The following shows a sample password file that contains user names in columns 1-8, passwords in columns 10-17, and private information starting in column 19: ===== * * * Top of File * * *
|...+....1....+....2....+....3....+....4....+..
===== ANDREW SMILES DB120BK
===== BECKY DOGS DB908BK
===== DANIEL BALLOON DB517DT
===== EMILY COOKIE DB321EK
===== LEANNA DOLLS DB104LT
===== LINDSAY BALLET DB211LM
===== MARK TRUCKS DB127MM
===== * * * End of File * * *
|
