Profound UI provides a mechanism for CGI or RPGsp programs to determine if users have successfully signed in to Atrium.
To use this mechanism, you must bind CGI or RPG Smart Page program to the service program called PUIATAUTH. This service should not be copied from library PROFOUNDUI into the RPGsp or CGI object library. The RPGsp or CGI program should add the PROFOUNDUI library (or other Profound UI installation library) to the list to locate the service program.
Service program PUIATAUTH contains two procedures: Authenticate() and IsAuthorized() with the following prototypes:
D Authenticate PR 128A Varying D Error 256A Varying Options(*VarSize) D IsAuthorized PR N D User 128A Const Varying Options(*VarSize) D Item 9P 0 Const D Error 256A Varying Options(*VarSize)
The Authenticate() API determines if the user has given a valid user id/password, and that the user is also on file in the atrium database. It returns the user profile name on success.
The IsAuthorized() API is designed to be called after Authenticate(). It takes the user id, and the menu item number and returns *on or *off based on whether the user is authorized to that menu option.
Authenticate() and IsAuthorized() both return an error using a by reference parameter to see what went wrong if the user is not authorized.
In addition, Atrium will pass a parameter called AT_AUTH on the query string to the program. This parameter is used by Authenticate() and must be passed along as a hidden field or a query string parameter as the user navigates between various parts of the application.
Below is an example of setting up the hidden field in RPGsp:
<input type="hidden" name="AT_AUTH" value="<% RPGspIn('AT_AUTH') %>