Yes i m still there, and a few years to go.
Once you turn on IBM z MFA, when you log on to EOS access, you should get the request for the 2nd factor.
The web services are still needed. EOS access cannot work without the web services.
Let us know if you encounter any issue.
Martin
------------------------------
Martin Floret
Director Engineering
Rocketsoftware
Geneva Switzerland.
------------------------------
Original Message:
Sent: 07-20-2023 11:36
From: Charles Lehmann
Subject: EOS 360 Multi-Factor Authentication
Bonjour Martin,
What a surprise! I thought you were already retired. I hope you are doing fine.
Thank you for your answer. If I understand well, after having installed and configured IBM z Multi-Factor Authentication, MFA can be turned on for EOS as well? Is then EOS Access Web Services still needed?
Cheers.
Charles
------------------------------
Charles Lehmann
IBM Switzerland
Prilly CH
Original Message:
Sent: 07-18-2023 08:09
From: Martin Floret
Subject: EOS 360 Multi-Factor Authentication
Bonjour Charles,
In the case of MFA (multi factor authentication), the control is done on the server side. WHen you login via EOS access to the EOS server, the password is authenticated by RACF on z/OS. THen if you have MFA in place for RACF, a second factor will be requested by the mainframe MFA to the user before giving te OK to EOS access.
So if you have implemented MFA at the RACF level there is nothing to do in EOS access.
If if your are implanting SSO (Single Sign On), this is a differrent story and in this case there is configuration to do in EOS access
------------------------------
Martin Floret
Product Management Director
Rocket Internal - All Brands
Waltham MA US
Original Message:
Sent: 07-17-2023 11:11
From: Charles Lehmann
Subject: EOS 360 Multi-Factor Authentication
Hi,
We are seeking to implement Multi-Factor Authentication for EOS 360. I was told that this could be done using the EOS Access Web Service. Going through the Web Access System Requirements of the Installation Guide, I saw that a J2EE Web server was required.
Does that mean that the Multi-Factor Authentication will be performed on this Web server? Is my assumption correct that any "flavor" of authentication, such as SecurID, could be implemented?
Thanks in advance
Charles
------------------------------
Charles Lehmann
IBM Switzerland
Prilly CH
------------------------------