Validation list are a new object type *vldl since OS/400 V4R1.
This object type was created to support the definition and
the validation of internet users
in a more appropriate way than traditional user profiles.
A validation list can be created with command
crtvldl
A validation list entry defines three pieces of
information (all case sensitive and variable length) for a given internet user:
- the user name
- the user password
- the user description
A validation list is used in a protection setup
to validate access to given Web pages (
See
our cases on External Protection).
Validation list entries can be maintained through
the ADMIN HTTP server:
- http://yr_tcp_address:2001
- logon as QSECOFR
- select IBM HTTP Server for AS/400
- select Configuration and Administration
- select Internet Users
Apart from this official tool, you have no other
way to maintain validation lists,
unless writing your own program.
There are a number of reasons why you would like to develop
such a program:
- you may want to have a Web program
assigning new internet users
- you may want to have an internal program
(run in CGI or in interactive mode)
able to maintain (list, add, change, remove)
validation list entries
- you want to retrieve user passwords
(ADMIN program does not)
Writing such a program is not easy,
as any I/O operation to the validation list
must be done through Security APIs
(See
OS/400 Security APIs V4R4
SC41-5872-03)
This is why we have made available to you
our validation list utility
that you may download along with our other stuff
on protection (library WEBSECURE)
and easily modify for your own needs.
Our utility is the CGI program
websecure/wrkvldl made from the following
sources:
-
Member wrkvldl in source file websecure/htmlsrc:
the external HTML used by the CGI
-
Member wrkvldl in source file websecure/qrpglesrc:
the main module of the CGI
-
Member lstvldl in source file websecure/qrpglesrc:
the module providing a list of the validation
list entries
-
Member getvldle in source file websecure/qrpglesrc:
the module providing a validation list entry at a time to module lstvldl
list entries
-
Member wrkvldle in source file websecure/qrpglesrc:
the module providing validation list entry maintenance(add, change, remove an entry)
The split of the CGI program into five modules was done
to help you in re-engineer the code.
As an example: should you have the need to have a CGI
to allow remote users to enroll in some facility of your site,
you might take module We also provide an example of how to use one of the modules
of the utility. This example allows to list the entries of
whatever validation list, provided the appropriate authorization
is given. You may try it. Just remember to logon with username
mary and password mary.
We suggest you try to list the entries of validation list
inetusr in library websecure.