• Subject: Re: Web based password change system
  • From: Jim Langston <jimlangston@xxxxxxxxxxxxxxxx>
  • Date: Tue, 03 Jul 2001 13:09:09 -0700
  • Organization: Pacer International

Hmm..

I recall that it did work if it was expired, Andrew.  Perhaps it was
a different password validation call I used then you did.  There are
a number of ways to validate the password I remember, and some of them
did look at the expiration, some didn't.

Andrew.Lutz@abbott.com wrote:
> 
> Jim,
> 
> This will not work if the password is in 'expired' status.
> 
> I am using the same solution for changing passwords.  The catch...if the user
> has let their password expire.
> 
> The only exception I can think of  --- Are running this program from a
> unsecured area?
> 
> Andrew
> 
> 
>                     Jim Langston
>                     <jimlangston@conexfr        To:     WEB400@midrange.com
>                     eight.com>                  cc:
>                     Sent by:                    Subject:     Re: Web based 
>password change system
>                     owner-web400@midrang
>                     e.com
> 
> 
>                     07/03/2001 12:40 PM
>                     Please respond to
>                     WEB400
> 
> 
> 
> Actually, I did this at one time and it actually was a very simple
> program.  Just write an RPG program to receive 3 parameters and
> return one parameter.  The 3 parameters it receives are:
> User_Name
> Existing_Password
> New_Password
> 
> This RPG program then calls the API to confirm a user's existing
> password.  If the existing password matches, then using another
> API change the user's password and return success.  When I wrote
> this program we had it return an 80 character string.  The first
> few chars said if there was an error or not, and then the text
> if there was an error.  Something like the FTP uses.
> 
> Now that you have this program, you can call it from wherever you
> want.  We initially wrote a simple web page that had 4 fields, user
> name, old password, and new password twice.  A different RPG program
> checked first that the new passwords were the same twice.  If they
> were the same, it would call the second RPG program and then build a
> dynamic web page utilizing the string returned from the first rpg
> program.
> 
> Then we decided some people may not want to use the web browser, so
> wrote a little delphi program that called the RPG program using port
> 80, HTTP.  A little mini web browser.  This Delphi program confirmed
> the 2 new passwords first, then it called the 2nd RPG program, it then
> grabbed the 2nd or 3rd line of the web page returned and parsed out the
> 80 char return string.  If the first chars were '  0' the Delphi program
> said Success!.  If it wasn't '  0' it displayed the string in
> the window.
> 
> It really is not that difficult at all, once you write the change
> password RPG program.  And that program has a few APIs calls and
> passes parameters back and forth, fairly simple.
> 
> Unfortunately, I no longer work at that company so don't have the source
> code to that program, but it was half a days work or so, even figuring
> out what APIs to call.
> 
> Oh, and the change password RPG program doesn't care if the user profile
> is expired or not either.
> 
> This is like the 4th time I've seen this request for this same program,
> maybe I'll just take the time this weekend to write it, if I remember.
> 
> Regards,
> 
> Jim Langston
> 
> Me transmitte sursum, Caledoni!
> 
> Andrew.Lutz@abbott.com wrote:
> >
> > Let me know if you find anything,
> >
> > I am using the API's to change a password, but once the password is expired
> > it's a 'call the helpdesk' solution.
> >
> > Andrew
> >
> >
> <SNIP>
> >                     David Gibbs
> 
> > Folks:
> >
> > Does anyone know of a web based password change system available for the
> > 400?  Commercial, shareware, or open source are all find.
> >
> > I'm basically looking for a stand alone system to allow users to change
> > their AS400 password (even after their current password has expired) via the
> > web.
> >
> > Thanks!
> >
> > david
> +---
> | This is the WEB400 Mailing List!
> | To submit a new message, send your mail to WEB400@midrange.com.
> | To subscribe to this list send email to WEB400-SUB@midrange.com.
> | To unsubscribe from this list send email to WEB400-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: david@midrange.com
> +---
> 
> +---
> | This is the WEB400 Mailing List!
> | To submit a new message, send your mail to WEB400@midrange.com.
> | To subscribe to this list send email to WEB400-SUB@midrange.com.
> | To unsubscribe from this list send email to WEB400-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: david@midrange.com
> +---

-- 


Regards,

Jim Langston

Me transmitte sursum, Caledoni!
+---
| This is the WEB400 Mailing List!
| To submit a new message, send your mail to WEB400@midrange.com.
| To subscribe to this list send email to WEB400-SUB@midrange.com.
| To unsubscribe from this list send email to WEB400-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.