Paul Gilmartin wrote:
On Sat, 24 Jan 2009 13:51:33 -0800, Edward Jaffe wrote:
My strong maxim is "Don't mess with the user's input." It's
pointless and irresponsible for applications (TPX in this case)
to tie developers' hands against future enhancements by converting
passwords to upper case or enforcing syntax rules given that RACF
already (optionally) does that, at the implementation layer where
it is properly done.
RACF didn't fold the password until recently.
All the more reason, then, that applications should _never_ have
folded passwords. It merely prevented users' employing a
capability present in the underlying system.
No. Failure to fold password on older RACF systems resulted in logon
failure. Folding by the application was mandatory.
--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[email protected]
http://www.phoenixsoftware.com/
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
