|
Why would this exit point require that your password be sent in the clear? Remember, iSeries Navigator prompts you for the new password. That prompting might be done with some sort of security. Then it would validate this on your iSeries. And how it validates this on your iSeries, I don't know, but if they can make a secure 5250 client that doesn't send passwords in the clear I am sure that someone can make an iSeries Navigator method for doing so also. Now, once it is on the server and calls this exit point program it's not on your network. Thus who cares if it is in the clear? It never leaves the bus. Rob Berendt -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." Benjamin Franklin "McGivern, Tom" <Tom.McGivern@xxxxxxx> Sent by: midrange-l-bounces@xxxxxxxxxxxx 11/18/2003 02:18 PM Please respond to Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> To "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx> cc Subject RE: iSeries passwords The problem is, how do you change your password over the network. This exit would require that your password be sent in clear text across the network, so it could validate the content, if it were already encrypted, then it doesn't know what the input was. That's why ops-nav doesn't have it (IMO).. -----Original Message----- From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Andy Nolen-Parkhouse Sent: Tuesday, November 18, 2003 10:43 AM To: 'Midrange Systems Technical Discussion' Subject: RE: iSeries passwords Rob, I agree that you're probably right. But this exit program is a user-written program which receives the old and new passwords as clear parameters and could do what it wants with them, including writing them to a database. While adding an exit point requires a little more sophistication to implement than just changing a system value, it requires the same level of authority (*ALLOBJ and *SECADM) as changing the QPWDVLDPGM system value. What am I missing? Andy > I bet this: > > The password validation exit program > http://publib.boulder.ibm.com/iseries/v5r2/ic2924/info/apis/xsyvlphr.h > tm > > Rob Berendt _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. This communication is confidential and may be legally privileged. If you are not the intended recipient, (i) please do not read or disclose to others, (ii) please notify the sender by reply mail, and (iii) please delete this communication from your system. Failure to follow this process may be unlawful. Thank you for your cooperation. _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
