Assigning Logonid in CICS Web Interface

IP.com Disclosure Number: IPCOM000123516D
Original Publication Date: 1998-Dec-01
Included in the Prior Art Database: 2005-Apr-04
Document File: 1 page(s) / 45K

Publishing Venue

IBM

Related People

Harris, R: AUTHOR

Abstract

A Security Context for a transaction started in CICS TS* 1.2 for OS/390* is conventionally assigned via the analyser. The analyser - a normal CICS user-supplied program - is traversed early in processing a flow from the Web Browser, setting up the security context for the subsequent transaction that is being initiated as a consequence of the Web Browser's flow into the CICS region.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 68% of the total text.

   A Security Context for a transaction started in CICS TS*
1.2 for OS/390* is conventionally assigned via the analyser.  The
analyser - a normal CICS user-supplied program - is traversed early
in processing a flow from the Web Browser, setting up the security
context for the subsequent transaction that is being initiated as a
consequence of the Web Browser's flow into the CICS region.

   This Security context is the logonid of a user authorised
to use CICS.  By default, all CICS Web Interface initiated
transactions run under a standard logonid (supplied by CWBC).  This
static authorisation is not appropriate to the CICS environment.

   The analyser could be coded to look at the flow, determine
if there is security information present and, if not, cause a
converter to be invoked which generates an authentication challenge.
This results in the Web Browser user having to supply a logonid and a
password.  If this is accepted by CICS, it is necessary to have this
security context sent back to the Web Browser for re-use on the next
flow in from the Browser.  This is not readily accomplished by the
HTTP protocol in a secure fashion without a secure socket.

   In the system described here, a token is placed inside any
HTML flow returned in the HTTP Response flow to the prior HTTP
request.  The implementation is via a HIDDEN field within an HTML
FORM.
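
   The hidden-field round trip described above, as an added Python
sketch that is not code from the disclosure or from CICS.  The
abbreviated text does not give the token format, so the opaque random
token, the server-side lookup table, the field name CWI_TOKEN and the
15-minute lifetime are all assumptions.

```python
import secrets
import time
from html import escape
from urllib.parse import parse_qs

FIELD = "CWI_TOKEN"     # hypothetical hidden-field name (assumption)
TTL_SECONDS = 900       # assumed token lifetime
_tokens = {}            # token -> (logonid, expiry); stand-in for state held in the region


def issue_token(logonid, now=None):
    """Call after the logonid/password challenge has been accepted."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # opaque: contains no logonid or password
    _tokens[token] = (logonid, now + TTL_SECONDS)
    return token


def render_form(action, token):
    """HTML for the HTTP response, carrying the token in a HIDDEN field."""
    return (
        f'<FORM METHOD="POST" ACTION="{escape(action, quote=True)}">\n'
        f'<INPUT TYPE="HIDDEN" NAME="{FIELD}" VALUE="{escape(token, quote=True)}">\n'
        '<INPUT TYPE="SUBMIT" VALUE="Continue">\n'
        "</FORM>"
    )


def analyse(form_body, now=None):
    """Analyser decision for one inbound flow: ("RUN", logonid) or ("CHALLENGE", None)."""
    now = time.time() if now is None else now
    presented = parse_qs(form_body).get(FIELD, [""])[0]
    entry = _tokens.get(presented)
    if entry is None:
        return ("CHALLENGE", None)      # no token, or one this server never issued
    logonid, expiry = entry
    if now >= expiry:
        del _tokens[presented]          # expired: forget it and ask again
        return ("CHALLENGE", None)
    return ("RUN", logonid)


if __name__ == "__main__":
    tok = issue_token("USER01")         # constructed logonid
    print(render_form("/example/next", tok))
    print(analyse(f"{FIELD}={tok}&ACCT=42"))
```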

   Use of a Hidden field guarantees that it flows back when
the HTML form is fill...