User ID and password validation


  • User ID and password validation

    How are you doing the automatic signon now? You must be at level 30 security, yes?

  • #2
    User ID and password validation

    I'm doing it by script file from the POWERTERM emulator. Yes, we are at security level 30 on a 720. Are you going to give me bad news? Or what to think if we move to level 40? Thanks.



    • #3
      User ID and password validation

      No offense meant, but.... Since you have already bypassed the security system by creating a job that auto-signs on, why not create a file with valid passwords? The file should be keyed by the password. If the user keys in a password that is found on a CHAIN operation, you allow them to continue on. You could also include a device name in the file and in this manner, use both the device and password as the key and only advance when a match is found. -bret p.s. sorry if I sound condescending, it really is not meant that way. I just have poor people skills at times.



      • #4
        User ID and password validation

        No, please, no application files. The password and user must stay strictly an AS/400 concern. But thanks.



        • #5
          User ID and password validation

          You might want to check into the Get Profile Handle (QSYGETPH) API. This API will accept an AS/400 user profile and password and validate it for you. This means you'll have to log onto the system automagically, like you are doing now, then have the user enter a profile and password, and you'll pass this information to the profile checker APIs. If the profile and password are valid, then you'll let them continue. If not, log off the workstation. Look here for more information. Search BOOKs for this API.



          • #6
            User ID and password validation

            I thought that this API was only for server purposes? That's what I read from the book?



            • #7
              User ID and password validation

              I'm not sure where you got the idea that QSYGETPH only runs on a server. That's not true. I've attached some sample code you can use to do what you want. You can modify it as you see fit. Basically what happens in the sample code is that you call the CL program VALUSRPRFC, passing it a 10 character User Profile and a 10 Character Password. VALUSRPRFC will call VALUSRPRF, passing it those values, and an additional 1 character variable. RPGIV program VALUSRPRF will call the QSYGETPH API. It will validate the user profile and password for you. There are several tests it performs, and you can monitor the results of those tests by the value placed in the error message it returns. I've listed those possible error messages in the code. In the sample, all I do is check to see if anything is in that error message ID field. If it is, I set the extra parameter passed to this program to "N". Otherwise, I set that parameter to "Y". The last step is to release that profile handle, just as a housekeeping measure. When control returns to the CL program, if the extra parameter I passed contains an "N", I sign off the job. If it contains anything else, I let the job continue. You should be able to modify this code/technique to meet your specific requirements.

              valusrprf.zip



                • #9
                  User ID and password validation

                  Hello! I need to validate a user profile and password as a valid AS/400 user profile from within an application. Situation: I have scanning stations with automatic signon to the AS/400 for version security, but my users cannot sign on to more than one scanning station. So by making an automatic signon identified to a specific scanning station I would be able to ask the user to identify itself to the AS/400 with a valid AS/400 profile. The only idea so far is to make 2 CL programs. The 1st displays an information entry screen and validates the user profile from the AS/400 object. The 2nd CL program, submitted in batch with the profile and password entered from the fake signon screen, validates the password with the command CHKPWD. Note: CHKPWD validates the password for the signed-on user profile only, from the current job. IS THERE ANOTHER WAY OF DOING A FAKE SIGNON SCREEN WITH VALIDATION LIKE AS/400 SECURITY? THANKS!



                  • #10
                    User ID and password validation

                    The danger of using QSYGETPH to validate a user ID and password is that you forget that the API takes special values such as *CURRENT for user ID and *NOPWD for the password field. These values can be used to get a profile handle from QSYGETPH without needing to know the name of a user profile or know a password. When using QSYGETPH to verify a user ID and password I recommend that your program always look at the first character of the user's input for both of these fields and reject the request if either one starts with an asterisk ("*"). Otherwise you may be giving someone access to your system that does not have a user ID or password. Ed Fishel
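
The asterisk check recommended in the post above, placed in front of the QSYGETPH / QSYRLSPH flow described earlier in the thread, as an added CL example (not the attached valusrprf.zip code and not written by any poster). The program name CHKSIGNON and all variable names are hypothetical; it assumes the 10-character password form of QSYGETPH, with the optional password length and CCSID parameters omitted.

```cl
/* Added example: hypothetical program CHKSIGNON.                  */
/* Returns &VALID = 'Y' only for a real profile/password pair.     */
PGM        PARM(&USER &PWD &VALID)
  DCL        VAR(&USER)   TYPE(*CHAR) LEN(10)
  DCL        VAR(&PWD)    TYPE(*CHAR) LEN(10)
  DCL        VAR(&VALID)  TYPE(*CHAR) LEN(1)
  DCL        VAR(&HANDLE) TYPE(*CHAR) LEN(12)
  DCL        VAR(&ERRCOD) TYPE(*CHAR) LEN(16)

  /* Fail closed: every early exit leaves 'N' in &VALID            */
  CHGVAR     VAR(&VALID) VALUE('N')

  /* Blank input is never a valid sign-on                          */
  IF         COND((&USER *EQ ' ') *OR (&PWD *EQ ' ')) +
               THEN(RETURN)

  /* Special values such as *CURRENT and *NOPWD start with '*'.    */
  /* Reject them before the API ever sees the input.               */
  IF         COND(%SST(&USER 1 1) *EQ '*') THEN(RETURN)
  IF         COND(%SST(&PWD 1 1) *EQ '*') THEN(RETURN)

  /* Error code structure: bytes provided = 16, bytes available    */
  /* = 0. A non-zero bytes-available value on return is an error.  */
  CHGVAR     VAR(%BIN(&ERRCOD 1 4)) VALUE(16)
  CHGVAR     VAR(%BIN(&ERRCOD 5 4)) VALUE(0)

  CALL       PGM(QSYGETPH) PARM(&USER &PWD &HANDLE &ERRCOD)
  MONMSG     MSGID(CPF0000) EXEC(RETURN)

  /* Message ID sits in bytes 9-15 when bytes available is > 0     */
  IF         COND(%BIN(&ERRCOD 5 4) *NE 0) THEN(RETURN)

  CHGVAR     VAR(&VALID) VALUE('Y')

  /* Housekeeping: release the handle, it is not needed further    */
  CALL       PGM(QSYRLSPH) PARM(&HANDLE)
  MONMSG     MSGID(CPF0000)
ENDPGM
```

The caller signs the job off unless `&VALID` comes back as `'Y'`, so an unexpected failure anywhere in the program denies access rather than granting it.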
