Net.Data Books

Administration and Programming Guide for OS/390


Using Authentication

Authentication is used to ensure that a user ID making a Net.Data request is authorized to access and update data within the application. Authentication is the process of matching the user ID with a password to validate that the request comes from a valid user ID. The Web server associates a user ID with each Net.Data request that it processes. The process or thread that is handling the request can then access any resource to which that user ID is authorized.

In an OS/390 environment, a user ID can become associated with the thread or process that is handling a Net.Data request in one of three ways:

Client-based authentication
The user is prompted for a local OS/390 user ID and password at the client. The Web server then invokes the local security subsystem (such as RACF) to authenticate the user. If successfully authenticated, the supplied user ID is associated with the request. Use of the special Web server %%CLIENT%% access control user ID enables this type of authentication.

Server-based authentication
The user ID of the Web server is associated with each request and the user is not prompted for a user ID or password. This choice is not recommended because of the level of authority usually associated with the Web server's user ID. Use of the special Web server %%SERVER%% access control user ID enables this type of authentication.

Surrogate authentication
A surrogate user ID that has the authority to access some predefined collection of resources is associated with the client request. This type of authentication requires the creation of surrogate user IDs with access authority that is appropriate for a group of users or class of requests.

The approach that the Web server uses for associating a user ID with a client request is specified when the Web server is configured. For additional detail on access control user IDs, on installing the Web server, and on using the Protect, Protection, DefProt, and UserId directives to configure the Web server, refer to:


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]