Anonymous Sessions

Owned by Brian May
Last updated: Aug 16, 2023 by Jessica Tomkins
2 min read

 

When using an anonymous session, the user is not required to sign into the IBM i operating system at all. When running in an anonymous session the user automatically comes to the requested application and the IBM i application job will always run under user profile QTMHHTP1.

This type of session is appropriate for those applications where it is not desired to give operating system profiles to the users.  For example, an anonymous session can be used to create an application which presents its own sign on panel that validates credentials against a DB2 file on the server.

Anonymous sessions can also be used as a quick way for developers to get started with Profound UI as it’s easy to call up any desired program in an anonymous session.

Entry Points for Anonymous Sessions

Profound UI requires that the entry point program (that is the first program call used to start an anonymous session) be registered in DB2 file PROFOUNDUI/PUI0001200. This file contains a unique listing of programs that can serve as entry points to a Profound UI session.  Any program that is not registered in PROFOUNDUI/PUI0001200 cannot be used to initiate an anonymous session. Any attempt to start a session with an unregistered program will result in exception PUI0022.

Customers can create either single or multiple entry point systems using this database.

Maintenance of PUI0001200 Database

The database can be maintained using any data entry tool available. There is also a maintenance dialog included in the Profound UI visual designer. Use option Launch->Maintain Anonymous Programs to maintain the database.

Security for Anonymous Sessions

After the anonymous session is initiated, it is the entirely the responsibility of the called program to ensure that only appropriate access to additional programs and data are granted to the user.  All users will be seen by the system as being QTMHHTP1, so the program will need to perform its own authentication.

Starting an Anonymous Session

Anonymous sessions can be started by passing the desired entry point program on the URL as shown here:

http://YourSystem:8080/profoundui/start?pgm=yourlib/yourpgm

If the program is registered as an entry point the anonymous session will start and the specified application will be called. If not, the Profound UI error panel will display indicating the PUI0022 security exception.

The Profound UI designer also has an option to open a browser window to an anonymous session. Use Launch->Launch Anonymous Program to do this.

Disabling Anonymous Sessions

Anonymous sessions can be completely disabled by removing all records from PROFOUNDUI/PUI0001200.