MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » July 2014

Re: Expired password change anomaly



fixed

Monnier, Gary wrote:
Seems to me if you are obtaining a handle for a profile with an
expired password and are not using *NOPWDCHK or *NOPWDSTS for the
password parameter you may have found a serious bug.

Seems to me that we're using the call to QSYGETPH only to determine whether the password is (1) correct, and (2) expired. Since we spawn off jobs, rather than doing profile-swaps, we don't actually use the profile handle; we only care about the exception (or lack thereof).

Therefore, using *NOPWDCHK or *NOPWDSTS would defeat our whole purpose of calling QSYGETPH. Besides, if we KNEW whether the password was correct, and whether or not it was expired, we wouldn't have any reason to call QSYGETPH in the first place.

--
JHHL





Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact