• Subject: Re: Web based password change system
  • From: Andrew.Lutz@xxxxxxxxxx
  • Date: Tue, 3 Jul 2001 13:35:37 -0500


Jim,

This will not work if the password is in 'expired' status.

I am using the same solution for changing passwords.  The catch...if the user
has let their password expire.

The only exception I can think of  --- Are running this program from a
unsecured area?

Andrew



                                                                                
                                          
                    Jim Langston                                                
                                          
                    <jimlangston@conexfr        To:     WEB400@midrange.com     
                                          
                    eight.com>                  cc:                             
                                          
                    Sent by:                    Subject:     Re: Web based 
password change system                         
                    owner-web400@midrang                                        
                                          
                    e.com                                                       
                                          
                                                                                
                                          
                                                                                
                                          
                    07/03/2001 12:40 PM                                         
                                          
                    Please respond to                                           
                                          
                    WEB400                                                      
                                          
                                                                                
                                          
                                                                                
                                          




Actually, I did this at one time and it actually was a very simple
program.  Just write an RPG program to receive 3 parameters and
return one parameter.  The 3 parameters it receives are:
User_Name
Existing_Password
New_Password

This RPG program then calls the API to confirm a user's existing
password.  If the existing password matches, then using another
API change the user's password and return success.  When I wrote
this program we had it return an 80 character string.  The first
few chars said if there was an error or not, and then the text
if there was an error.  Something like the FTP uses.

Now that you have this program, you can call it from wherever you
want.  We initially wrote a simple web page that had 4 fields, user
name, old password, and new password twice.  A different RPG program
checked first that the new passwords were the same twice.  If they
were the same, it would call the second RPG program and then build a
dynamic web page utilizing the string returned from the first rpg
program.

Then we decided some people may not want to use the web browser, so
wrote a little delphi program that called the RPG program using port
80, HTTP.  A little mini web browser.  This Delphi program confirmed
the 2 new passwords first, then it called the 2nd RPG program, it then
grabbed the 2nd or 3rd line of the web page returned and parsed out the
80 char return string.  If the first chars were '  0' the Delphi program
said Success!.  If it wasn't '  0' it displayed the string in
the window.

It really is not that difficult at all, once you write the change
password RPG program.  And that program has a few APIs calls and
passes parameters back and forth, fairly simple.

Unfortunately, I no longer work at that company so don't have the source
code to that program, but it was half a days work or so, even figuring
out what APIs to call.

Oh, and the change password RPG program doesn't care if the user profile
is expired or not either.

This is like the 4th time I've seen this request for this same program,
maybe I'll just take the time this weekend to write it, if I remember.

Regards,

Jim Langston

Me transmitte sursum, Caledoni!

Andrew.Lutz@abbott.com wrote:
>
> Let me know if you find anything,
>
> I am using the API's to change a password, but once the password is expired
> it's a 'call the helpdesk' solution.
>
> Andrew
>
>
<SNIP>
>                     David Gibbs

> Folks:
>
> Does anyone know of a web based password change system available for the
> 400?  Commercial, shareware, or open source are all find.
>
> I'm basically looking for a stand alone system to allow users to change
> their AS400 password (even after their current password has expired) via the
> web.
>
> Thanks!
>
> david
+---
| This is the WEB400 Mailing List!
| To submit a new message, send your mail to WEB400@midrange.com.
| To subscribe to this list send email to WEB400-SUB@midrange.com.
| To unsubscribe from this list send email to WEB400-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---




+---
| This is the WEB400 Mailing List!
| To submit a new message, send your mail to WEB400@midrange.com.
| To subscribe to this list send email to WEB400-SUB@midrange.com.
| To unsubscribe from this list send email to WEB400-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.