On Fri, 23 Jan 2009 15:20:19 -0800, Skip Robinson wrote: >NVAS is only one application to deal with. *Every* application that >processes logon with SAF userid/password must be capable of handling mixed
Of course, that goes without saying (as you notice, I didn't say it). >case. For example, we tested mixed case early on but never went forward >because TPX could not handle it. End of roll-out plan. > My strong maxim is "Don't mess with the user's input." It's pointless and irresponsible for applications (TPX in this case) to tie developers' hands against future enhancements by converting passwords to upper case or enforcing syntax rules given that RACF already (optionally) does that, at the implementation layer where it is properly done. There may be arguments for avoiding national variant characters in passwords because they may be unavailable on some input devices. But again, that should be enforced in a single code element in RACF, not haphazardly and probably inconsistently by various applications (e.g. NVAS vs. TPX). -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
