Authentication User Storage

You have two choices to make when you are setting up authentication: what kind of file to store users in and the user password storage mode.

What Kind of File to Store Users In

You can choose to store users in database files or stream files. This choice can be made separately for each user file (e.g. you can have one user stream file and one user database file for the same server).

Stream File
This file type is compatible with NCSA servers and is ideal for holding a small number of users that does not change very often. Because it is read into the memory of each request processor during server startup and reconfiguration, it is not good for files containing a large number of users.
Database File
This file type is ideal for large numbers of users and for cases where the list of users changes often. This file type is not read into memory by each request processor, conserving system memory. There is a small additional performance penalty to pay for each request that is authenticated with this type of file because the server needs to access the database file for each request.

Remember that if performance is a concern, you can protect one area (or set of areas) with a stream file while protecting another area (or areas) with a database file. You choose the type of file to store users in with the Authentication User File configuration value. To migrate stream files into database files, you can use the MIGWBLUSR command.

User Password Storage Mode

It is possible to use authentication user files that were originally created for use with Web Server/400 or Commerce Server/400. The way that user passwords are stored changed starting with Web Server/400 version 1.3. Webulator/400 can be configured to use either the new mode or the old mode (for backward compatibility). The new mode is called Normalized while the old mode is called Compatible.

Normalized Password Storage
In this mode, the server converts all passwords to upper case and to a common CCSID before hashing them with the RSA Data Security, Inc. MD5 Message-Digest Algorithm. The conversion to upper case allows the server to match passwords in a case-insensitive way, which is in line with general AS/400 operation. The conversion to a common CCSID allows users with different CCSIDs to manage the same user file.
Compatible Password Storage
In this mode, the server does no conversion before hashing passwords. This is the method used in Web Server/400 versions prior to 1.3. If you are using authentication user files originally created for Web Server/400 and have any passwords that were created in this mode, you must either continue to use this mode, or change to the new mode and re-enter the old passwords.

This mode is set through the Authentication Password Storage configuration value. When a new server is installed, the configuration files that are installed with it will specify Normalized mode.