browser access to as400 data - IBM AS400

This is a discussion on browser access to as400 data - IBM AS400 ; how do I secure browser access to as400 data? Should the user be logging onto the website which provides access to data on the as400? No doubt, but what should the user name and password be? If the user logs ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: browser access to as400 data

  1. browser access to as400 data

    how do I secure browser access to as400 data? Should the user be
    logging onto the website which provides access to data on the as400?
    No doubt, but what should the user name and password be? If the user
    logs on with an as400 user name and password, how do you prevent the
    password from being transmitted thru the web, from the browser to the
    web server?

    The web server in this case is a windows xp PC with IIS installed. The
    usage has, to date, been limited to users behind the firewall. Now
    there is a need for users in another location to access this internal
    web server.

    thanks,

  2. Re: browser access to as400 data

    If you use an HTTPS connection (instead of plain HTTP), there should
    be no issues with visible passwords.

    Whether the user authenticates as a Windows user to the webserver, or
    as an AS/400 user to the underlying database, or whether Single-Sign-
    On should be used (authenticating to Windows and AS/400 with the same
    credentials) is difficult to say without more information about your
    situation.

  3. Re: browser access to as400 data

    On Sep 22, 11:28*am, "walker.l2" wrote:
    > If you use an HTTPS connection (instead of plain HTTP), there should
    > be no issues with visible passwords.
    >
    > Whether the user authenticates as a Windows user to the webserver, or
    > as an AS/400 user to the underlying database, or whether Single-Sign-
    > On should be used (authenticating to Windows and AS/400 with the same
    > credentials) is difficult to say without more information about your
    > situation.


    I have an internal web server running on windows xp that provides
    access to data on the as400. ( The asp.net server code uses ODBC and a
    fixed user name and password to get the data from the as400 ). The
    site shows the vendor master in a datagrid, allow add, change, delete
    of the vendors. There is no login because it is only the vendormaster
    and only PCs in the office have access to the 192.168.10.22 ip address
    of the web server. Now I have two additional requirements. Allow
    access to more than the vendor master thru the web server. Allow users
    outside of the office to access the site. I would like to transition
    to a secure site as simply as possible.

    thanks,

  4. Re: browser access to as400 data

    Steve Richter skrev den 22-09-2008 17:10:

    > No doubt, but what should the user name and password be? If the user
    > logs on with an as400 user name and password, how do you prevent the
    > password from being transmitted thru the web, from the browser to the
    > web server?


    If that part concerns you, you should consider https and ssl for transports.

    > The web server in this case is a windows xp PC with IIS installed. The
    > usage has, to date, been limited to users behind the firewall. Now
    > there is a need for users in another location to access this internal
    > web server.


    You may want to get your IT-staff to construct a VPN between the two
    locations so everything is secured and there is control over what can be
    accessed from where.

  5. Re: browser access to as400 data

    On Sep 22, 1:27*pm, Thorbjørn Ravn Andersen
    wrote:
    > Steve Richter skrev *den 22-09-2008 17:10:
    >
    > > No doubt, but what should the user name and password be? *If the user
    > > logs on with an as400 user name and password, how do you prevent the
    > > password from being transmitted thru the web, from the browser to the
    > > web server?

    >
    > If that part concerns you, you should consider https and ssl for transports.
    >
    > > The web server in this case is a windows xp PC with IIS installed. The
    > > usage has, to date, been limited to users behind the firewall. Now
    > > there is a need for users in another location to access this internal
    > > web server.

    >
    > You may want to get your IT-staff to construct a VPN between the two
    > locations so everything is secured and there is control over what can be
    > accessed from where.


    ok, thanks.


+ Reply to Thread