Authentication API for CGI or RPGsp programs

Profound UI provides a mechanism for CGI or RPGsp programs to determine if users have successfully signed in to Atrium.

To use this mechanism, you must bind CGI or RPG Smart Page program to the service program called PUIATAUTH.  This service program should not be copied from library PROFOUNDUI into the RPGsp or CGI object library. The RPGsp or CGI program should add the PROFOUNDUI library (or other Profound UI installation library) to the list to locate the service program.

Service program PUIATAUTH contains two procedures: Authenticate() and IsAuthorized() with the following prototypes:

D Authenticate    PR           128A   Varying     D  Error                       256A   Varying Options(*VarSize)    D IsAuthorized    PR              N                        D  User                        128A   Const Varying Options(*VarSize)   D  Item                          9P 0 Const                    D  Error                       256A   Varying Options(*VarSize)  

The Authenticate() API determines if the user has given a valid user id/password, and that the user is also on file in the atrium database. It returns the user profile name on success.

The IsAuthorized() API is designed to be called after Authenticate(). It takes the user id, and the menu item number and returns *on or *off based on whether the user is authorized to that menu option.

Authenticate() and IsAuthorized() both return an error using a by reference parameter to see what went wrong if the user is not authorized.

Credentials are passed using Atrium's normal sign-on method, which under the covers is the browser's "BASIC Authentication" scheme.  This means that the credentials will be automatically sent by the browser to all Atrium tabs or Windows until the browser is closed.  (Closing a tab or window does not reset the login information, you must either close the browser completely, or use Atrium's "Exit" button to log out.)