2.2 Security Considerations
Following are some considerations for LANSA for the Web security:
- LANSA for the Web provides additional security features, on top of the security features provided by the Web serving products.
- LANSA for the Web allows for anonymous user access. Anonymous access allows a casual visitor to use your Web applications without a user profile. There is a Data/Application Server user profile assigned to this anonymous user. This profile should only have minimal access rights on your Server.
- It is recommended that you start with anonymous user access when you first install, configure and test the LANSA for the Web software. Once you have this level of authentication working properly, you can easily implement partial or full user authentication.
- If you decide not to use the anonymous user access option, refer to the security information in the .
- If you intend to allow for anonymous user access to your applications, you can also configure LANSA for the Web to enforce user authentication to specific Web applications. Partial or process level authentication allows you to restrict access to a specific set of Web enabled applications while still allowing anonymous user access to the rest of your Web enabled applications. The casual visitor to your Web site can access the applications, which are intended for public access. Partial or process level authentication is not available for WAMs.
- You may choose to implement the full user authentication model. A user must enter a valid user profile and password to access any part of your application. Public access will not be allowed to any part of your application.
Also see