Re: Password Validation API

Based on the discussion so far, I have to agree that John Earl's approach is 
the cleanest
and simplest of those discussed.  If there is concern about the password count 
being
increased, one could bump the QMAXSIGN system value by 1 or 2.

Mel Rothman

 

John Earl wrote:
> 
> No need to switch profiles (QWTSETP), just a need to get the profile handle
> (QSYGETPH).  The handle can then immediately be released (QSYRLSPH).
> 
> It can't be more than 20 lines of CL, and the system can also be configured to
> create an Audit Journal entry.   So where is the muss and fuss?
> 
> jte
> 
> Leif Svalgaard wrote:
> 
> > From: Douglas Handy <dhandy1@bellsouth.net>
> > To: <MIDRANGE-L@midrange.com>
> > Sent: Thursday, January 04, 2001 9:43 PM
> > Subject: Re: Password Validation API
> >
> > > Mel,
> > >
> > > >A problem with Get Profile Handle is that if the password is incorrect,
> > the
> > > >incorrect password count is increased.
> > >
> > > If that is perceived as a problem, then you could use Leif's program
> > instead.
> > > Since it does the validation itself, an invalid attempt will not increase
> > the
> > > count.
> >
> > In addition, switching user profiles with Get Profile Handle just to 
>validate
> > a password is a round-about way of doing something that can be done
> > DIRECTLY and simpler with no muss and no fuss.
> >
> 
> --
> John Earl                    johnearl@400security.com
> The PowerTech Group      --> new number --> 253-872-7788
> PowerLock Network Security   www.400security.com
> --
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---