<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en-us" xml:lang="en-us"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="security" content="public" /> <meta name="Robots" content="index,follow" /> <meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' /> <meta name="DC.Type" content="topic" /> <meta name="DC.Title" content="Validation list on HTTP Server" /> <meta name="abstract" content="This topic provides information about validation lists for limiting access to your HTTP Server." /> <meta name="description" content="This topic provides information about validation lists for limiting access to your HTTP Server." /> <meta name="DC.Relation" scheme="URI" content="rzaieconcepts.htm" /> <meta name="copyright" content="(C) Copyright IBM Corporation 2002,2006" /> <meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002,2006" /> <meta name="DC.Format" content="XHTML" /> <meta name="DC.Identifier" content="rzaievalidlist" /> <meta name="DC.Language" content="en-us" /> <!-- All rights reserved. Licensed Materials Property of IBM --> <!-- US Government Users Restricted Rights --> <!-- Use, duplication or disclosure restricted by --> <!-- GSA ADP Schedule Contract with IBM Corp. --> <link rel="stylesheet" type="text/css" href="./ibmdita.css" /> <link rel="stylesheet" type="text/css" href="./ic.css" /> <title>Validation list on HTTP Server</title> </head> <body id="rzaievalidlist"><a name="rzaievalidlist"><!-- --></a> <!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script> <h1 class="topictitle1">Validation list on HTTP Server</h1> <div><p>This topic provides information about validation lists for limiting access to your HTTP Server.</p> <div class="important"><span class="importanttitle">Important:</span> Information for this topic supports the latest PTF levels for HTTP Server for i5/OS . It is recommended that you install the latest PTFs to upgrade to the latest level of the HTTP Server for i5/OS. Some of the topics documented here are not available prior to this update. See <a href="http://www-03.ibm.com/servers/eserver/iseries/software/http/services/service.html" target="_blank">http://www.ibm.com/servers/eserver/iseries/software/http/services/service.htm</a> <img src="www.gif" alt="Link outside Information Center" /> for more information. </div> <p>Your system uses validation lists in conjunction with other resources to limit access to your server resources. Each validation list contains a list of Internet users and their passwords. Each Internet user has one valid password defined for it. An iSeries™ user profile is never created for the internet users. </p> <p>A validation list is an AS/400 object of type *VLDL that stores user names and passwords or SSL certificates for use in access control. Validation lists are case-sensitive. Validation lists reside in iSeries libraries and are required when adding a user unless you are adding the user to a group file. If you enter a validation list that does not exist, the system will create it for you. </p> <p>To create and delete validation lists, you can use the CL commands Create Validation List (CRTVLDL) and the Delete Validation List (DLTVLDL). <a href="../apis/sec6.htm">Application Programming Interfaces (APIs)</a> are also provided to allow applications to add, change, remove, verify (authenticate), and find entries in a validation list.</p> <p>Validation list objects are available for all applications to use. For example, if an application requires a password, the application passwords can be stored in a validation list object rather than a database file. The application can use the validation list APIs to verify a user's password, which is encrypted, rather than the application performing the verification itself. </p> </div> <div> <div class="familylinks"> <div class="parentlink"><strong>Parent topic:</strong> <a href="rzaieconcepts.htm" title="This topic provides concepts of functions on HTTP Server and IBM Web Administration for i5/OS interface.">Concepts of functions of HTTP Server</a></div> </div> </div> </body> </html>