Detecting Soon to Expire Password

General discussion on PHP
jord1322
Posts: 36
Joined: Mon Nov 03, 2014 3:49 pm
Location: Concord, North Carolina

Re: Detecting Soon to Expire Password

Post by jord1322 » Fri Apr 22, 2016 9:14 pm

That's alright! I actually used IBM's Knowledge Center for QSYCHGPW and adapted your other XML based Toolkit call to do it. It works. Thanks so much! You've been a great help!
Thanks,
Jordon Greene
PHP Full Stack Developer
SHOE SHOW, Inc.

jord1322
Posts: 36
Joined: Mon Nov 03, 2014 3:49 pm
Location: Concord, North Carolina

Re: Detecting Soon to Expire Password

Post by jord1322 » Thu Apr 28, 2016 2:58 pm

We figured out the Password Change part, now we are working on using the Toolkit to verify the user for login. Previously we just attempted a connection to the database with the user's user ID and password and if successfully they were given access. However, this method does not return errors warning that the user's password has expired, will expire soon or that the user's profile has been disabled, etc. We are trying to use the QSYGETPH API to do a login, but I'm running into problems.

It seems that I can only get the program to run successfully without the ERROR parameter, because it says that the ERROR parameter is only used if the Password Length and Password CCSID parameters are not used. And, I have to use the Password Length and Password CCSID parameters to be able to allow the user to type in their own password rather than a special one from what I'm seeing.

Then now that I have the call running successfully, no matter whether the user ID/password combination is correct or invalid I'm not getting a Profile Handle returned at all. It is the same results every time and it does not return the error information. I'm not sure how to proceed.
Thanks,
Jordon Greene
PHP Full Stack Developer
SHOE SHOW, Inc.

scottgcampbell
Posts: 187
Joined: Wed Apr 22, 2009 2:29 pm
Location: Edmonton, AB, Canada

Re: Detecting Soon to Expire Password

Post by scottgcampbell » Thu Apr 28, 2016 4:03 pm

Can you post your code (both interested to see and it makes it easier to test/debug)?

What I do is:

1 - Use QSYRUSRI to check invalid attempts so the user doesn't disable themselves, also checks for non-existent users
2 - Check users password by calling an RPG program that calls QSYGETPH and checks for errors returned (parts of the code here).

Code: Select all

D CHKPWD          PR                  EXTPGM('QSYGETPH')        
D   USER                        10                              
D   PASS                        10                              
D   HANDLE                      12                              
D   ERROR                       15                              
D   PWDSIZ                      10I 0                           
D   PWDCCSID                    10I 0                           
 *--------------------------------------------------------------
 * DATA STRUCTURES                                              
 *--------------------------------------------------------------
 * Define work fields                                           
 * Error structure for the API call.                            
D ERRDS           DS            15                              
D  BytesPrv                     10I 0 INZ(%SIZE(ERRDS))         
D  BytesAvl                     10I 0                           
D  ErrMsgID                      7                             

 * Other code here.....     
C                   CALLP     CHKPWD(USER: PASS: HANDLE: ERRDS: 
C                                  PWDSIZ:                      
C                                  PWDCCSID)                    
 * If there are "BytesAvl" then there is an error               
 * and the password was not valid so send an error back.      
C                   IF        BytesAvl > 0                                
 
So maybe your code just needs to check the error DS to see if the bytes available is greater than 0?

Scott

jord1322
Posts: 36
Joined: Mon Nov 03, 2014 3:49 pm
Location: Concord, North Carolina

Re: Detecting Soon to Expire Password

Post by jord1322 » Thu Apr 28, 2016 4:13 pm

After working on it a bit, we decided to build an RPG Program Call and call it from that call since calling the API directly from PHP using the Toolkit did not seem to work for the reasons I mentioned earlier. The RPG is using the QSYGETPH API and I'm just passing the wrapper program the user ID and password and it returns any error codes or a success.
Thanks,
Jordon Greene
PHP Full Stack Developer
SHOE SHOW, Inc.

Post Reply