To validate a password, use this form of the OPSECURE function:
var = OPSECURE('P', 'userid', 'password', 'newpassword')
If you omit the newpassword argument, OPSECURE validates the user ID and password. If you specify newpassword, OPSECURE changes the password.
For the RACF security environment, specify the newpassword argument in uppercase characters.
OPSECURE is valid for RACF, CA Top Secret, and CA ACF2 security environments but only AOF rules (in supervisor state) can call this function. Typically, request rules issue OPSECURE function calls.
For all three security products, if the password was correct (and a new password was assigned if specified), the returned value is the string ALLOW. Otherwise, OPS/REXX returns a message (or, for RACF or CA Top Secret, one of the following messages):
INVALID SECURITY ENVIRONMENT
USER PROFILE NOT DEFINED
PASSWORD IS NOT AUTHORIZED
PASSWORD HAS EXPIRED
USER NOT DEFINED TO THE GROUP
REJECTED BY INSTALLATION EXIT
ACCESS HAS BEEN REVOKED
SECURITY PRODUCT IS NOT ACTIVE
GROUP ACCESS HAS BEEN REVOKED
NOT AUTHORIZED TO USE THIS TERMINAL
INVALID DAY OR TIME OF DAY
TERMINAL CANNOT BE USED
NOT AUTHORIZED TO USE APPLICATION
For CA ACF2, invalid password attempt calls increase the invalid password violation counter for the specified user ID.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|