> I think that using the get profile handle is the best choice because it is > easy to use, it increments the incorrect password count for the user > profile, and it audits the fact that an incorrect password was used. It > also has the advantage that it is part of the system and it will be > maintained and supported in future releases just like Office Vision? or QVTRMSTG? or As/400 Firewall? or ? The QSYGETPH API follows this process: Verifies that the user ID and password are correct. Incorrect passwords and special cases are handled as follows: On level 10 systems, only the user ID is validated because no passwords are required. If the password is not correct, the incorrect password count is increased. (The QMAXSIGN system value contains the maximum number of incorrect attempts to sign on.) If the QMAXSGNACN system value is set to disable the user profile, repeated attempts to validate an incorrect password disable the user ID. This keeps applications from methodically determining user passwords. If the user ID is *CURRENT, the QSYGETPH API does not verify the password. If the password is *NOPWD, the user requesting the profile handle must have *USE authority to the user profile. If the user profile is disabled or the password is expired, the call ends without generating a profile handle. To obtain a profile handle for a profile that does not have a password, specify *NOPWD for the password parameter. You cannot obtain a profile handle for the following system-supplied user profiles: QDBSHR QFNC QNETSPLF QSPLJOB QDFTOWN QGATE QRJE QSYS QDOC QLPAUTO QSNADS QMSF QDSNX QLPINSTALL QSPL QTSTRQS A single job can create up to 25574 profile handles; after that, the space to store them is full. Message CPF22E6 is sent to the application, and QSYGETPH stops generating profile handles. Updates the last-used date for the user and group profiles. Resets the signon attempts not valid count to zero. If security-related events are being audited, adds an entry to the QAUDJRN audit journal to indicate that a profile handle is created. ---- If this behavior is what you want, QSYGETPH is for you, otherwise use the direct method. ---- BTW the above was taken from V3R2 documentation, but QSYGETPH has been removed from V4R5 documentation or has been moved (IBM playing their usual shell game here). +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: email@example.com +---
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.