334 lines
10 KiB
HTML
334 lines
10 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<title>Validate Password Exit Program</title>
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Begin Header Records ========================================== -->
|
|
<!-- This file has undergone html cleanup June 2002 by JET -->
|
|
<!--End Header Records -->
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</head>
|
|
<body>
|
|
<a name="top_Of_Page"></a>
|
|
<!-- Java sync-link -->
|
|
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
|
|
</script>
|
|
|
|
<h2>Validate Password Exit Program</h2>
|
|
|
|
<div class="box" style="width: 70%;">
|
|
<br>
|
|
Required Parameter:<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
<table width="100%">
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">1</td>
|
|
<td align="left" valign="top" width="50%">Validate password exit
|
|
information</td>
|
|
<td align="left" valign="top" width="20%">Input</td>
|
|
<td align="left" valign="top" width="20%">Char(*)</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">2</td>
|
|
<td align="left" valign="top">Return indicator</td>
|
|
<td align="left" valign="top">Output</td>
|
|
<td align="left" valign="top">Char(1)</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
QSYSINC Member Name: EVLDPWD1<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Exit Point Name: QIBM_QSY_VLD_PASSWRD<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Exit Point Format Name: VLDP0100<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
</div>
|
|
|
|
<p>The Validate Password exit program is called when a Change Password (CHGPWD)
|
|
command or Change Password (QSYCHGPW) API is executed. The exit program is
|
|
called after the password composition rules have been checked.</p>
|
|
|
|
<p>The exit program examines the old and new password values for conformance
|
|
with customer unique password composition rules. The exit program returns an
|
|
indication whether the new password should be accepted or rejected. The exit
|
|
point supports multiple exit programs. However, additional exit programs will
|
|
not be called after receiving a indication that the new password should be
|
|
rejected from one of the exit programs. (For information about adding an exit
|
|
program to an exit point, see the Registration Facility part.)</p>
|
|
|
|
<p>Any escape message received from an exit program or encountered while trying
|
|
to call an exit program, will be treated as an indication that the new password
|
|
should be rejected.</p>
|
|
|
|
<p>The specified exit program must exist in the system auxiliary storage pool
|
|
(ASP) or one of the basic user ASPs at the time it is added to the registration
|
|
facility. If the program does not exist, the request to add the exit program
|
|
will be rejected.</p>
|
|
|
|
<p>The exit program must exist in the system ASP or one of the basic user ASPs
|
|
at the time the exit point attempts to locate the exit program. If the
|
|
specified exit program does not exist in the system ASP or one of the basic
|
|
user ASPs, the condition will be treated as an indication that the new password
|
|
should be rejected.</p>
|
|
|
|
<p><strong>Note:</strong> The QPWDVLDPGM system value must be set to the value
|
|
*REGFAC. If the QPWDVLDPGM system value contains any other value, the validate
|
|
password exit programs will not be called.</p>
|
|
|
|
<br>
|
|
<h3>Authorities and Locks</h3>
|
|
|
|
<dl>
|
|
<dt><em>User Profile Authority</em></dt>
|
|
|
|
<dd>*ALLOBJ and *SECADM to add or remove exit programs to the registration
|
|
facility</dd>
|
|
</dl>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Required Parameter</h3>
|
|
|
|
<dl>
|
|
<dt><strong>Validate password exit information</strong></dt>
|
|
|
|
<dd>INPUT; CHAR(*)
|
|
|
|
<p>Information needed by the exit program for notification of any profile
|
|
changes. For details, see <a href="#HDRVLDFMT">Format of Validate Password Exit
|
|
Information</a>.</p>
|
|
</dd>
|
|
|
|
<dt><strong>Return indicator</strong></dt>
|
|
|
|
<dd>OUTPUT; CHAR(1)
|
|
|
|
<p>Indicates whether the new password should be accepted or rejected.</p>
|
|
|
|
<table cellpadding="5">
|
|
<!-- cols="5 95" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>'0'</em></td>
|
|
<td align="left" valign="top">Indicates that the new password should be
|
|
accepted.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>'1'</em></td>
|
|
<td align="left" valign="top">Indicates that the new password should be
|
|
rejected.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<p><strong>Note:</strong> Any value other than '0' indicates that the new
|
|
password should be rejected.</p>
|
|
</dd>
|
|
</dl>
|
|
|
|
<br>
|
|
|
|
|
|
<h3><a name="HDRVLDFMT">Format of Validate Password Exit Information</a></h3>
|
|
|
|
<p>The following table shows the structure of the validate password exit
|
|
information for format VLDP0100. For a description of the fields in this
|
|
format, see <a href="#HDRVLDI">Field Descriptions</a>.</p>
|
|
|
|
<table border width="80%">
|
|
<tr>
|
|
<th align="center" valign="top" colspan="2">Offset</th>
|
|
<th align="left" valign="bottom" rowspan="2">Type</th>
|
|
<th align="left" valign="bottom" rowspan="2">Field</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<th align="center" valign="bottom">Dec</th>
|
|
<th align="center" valign="bottom">Hex</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="left" valign="top" width="20%">CHAR(20)</td>
|
|
<td align="left" valign="top" width="60%">Exit point name</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">20</td>
|
|
<td align="center" valign="top">14</td>
|
|
<td align="left" valign="top">CHAR(8)</td>
|
|
<td align="left" valign="top">Exit point format name</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">28</td>
|
|
<td align="center" valign="top">1C</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Password level</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">32</td>
|
|
<td align="center" valign="top">20</td>
|
|
<td align="left" valign="top">CHAR(10)</td>
|
|
<td align="left" valign="top">User profile name</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">42</td>
|
|
<td align="center" valign="top">2A</td>
|
|
<td align="left" valign="top">CHAR(2)</td>
|
|
<td align="left" valign="top">Reserved</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">44</td>
|
|
<td align="center" valign="top">2C</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Offset to old password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">48</td>
|
|
<td align="center" valign="top">30</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Length of old password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">52</td>
|
|
<td align="center" valign="top">34</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">CCSID of old password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">56</td>
|
|
<td align="center" valign="top">38</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Offset to new password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">60</td>
|
|
<td align="center" valign="top">3C</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Length of new password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">64</td>
|
|
<td align="center" valign="top">40</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">CCSID of new password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top"> </td>
|
|
<td align="center" valign="top"> </td>
|
|
<td align="left" valign="top">CHAR(*)</td>
|
|
<td align="left" valign="top">Old password</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top"> </td>
|
|
<td align="center" valign="top"> </td>
|
|
<td align="left" valign="top">CHAR(*)</td>
|
|
<td align="left" valign="top">New password</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
<br>
|
|
<h3><a name="HDRVLDI">Field Descriptions</a></h3>
|
|
|
|
<p><strong>CCSID of new password.</strong> The CCSID of the new password field.
|
|
For a list of valid CCSIDs, see the <a href="../nls/rbagsglobalmain.htm">
|
|
Globalization</a> topic in the iSeries Information Center.</p>
|
|
|
|
<p><strong>CCSID of old password.</strong> The CCSID of the old password field.
|
|
For a list of valid CCSIDs, see the <a href="../nls/rbagsglobalmain.htm">
|
|
Globalization</a> topic in the iSeries Information Center.</p>
|
|
|
|
<p><strong>Exit point format name.</strong> The format name for the Change User
|
|
Profile exit program. The possible format name is:</p>
|
|
|
|
<table cellpadding="5">
|
|
<!-- cols="15 85" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>VLDP0100</em></td>
|
|
<td align="left" valign="top">The format name that is used before a user
|
|
password is changed by the CHGPWD command or QSYCHGPW API.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<p><strong>Exit point name.</strong> The name of the exit point that calls the
|
|
exit program.</p>
|
|
|
|
<p><strong>Length of new password.</strong> The length, in bytes, of the new
|
|
password field.</p>
|
|
|
|
<p>When called by the QSYCHGPW API, this is the length supplied to (or
|
|
defaulted to) the QSYCHGPW API. It may include trailing blank or null
|
|
characters which are removed by the system before changing the password.</p>
|
|
|
|
<p>When called by the CHGPWD command, this is the length of the actual password
|
|
with any trailing blank or null characters removed.</p>
|
|
|
|
<p><strong>Length of old password.</strong> The length, in bytes, of the old
|
|
password field.</p>
|
|
|
|
<p>When called by the QSYCHGPW API, this is the length supplied to (or
|
|
defaulted to) the QSYCHGPW API. It may include trailing blank or null
|
|
characters which are removed by the system before changing the password.</p>
|
|
|
|
<p>When called by the CHGPWD command, this is the length of the actual password
|
|
with any trailing blank or null characters removed.</p>
|
|
|
|
<p><strong>New password.</strong> The new password value.</p>
|
|
|
|
<p><strong>Offset to new password.</strong> The offset from the beginning of
|
|
the validate password exit information to the new password field.</p>
|
|
|
|
<p><strong>Offset to old password.</strong> The offset from the beginning of
|
|
the validate password exit information to the old password field.</p>
|
|
|
|
<p><strong>Old password.</strong> The old password value.</p>
|
|
|
|
<p><strong>Password level.</strong> The password level in affect for the
|
|
system. See the QPWDLVL system value for a description of the possible
|
|
values.</p>
|
|
|
|
<p><strong>User profile name.</strong> The name of the user profile whose
|
|
password is being changed.</p>
|
|
|
|
<br>
|
|
<hr>
|
|
API introduced: V3R1
|
|
|
|
<hr>
|
|
<center>
|
|
<table cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
|
|
"unix.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
</body>
|
|
</html>
|
|
|