/*******************************************************************/
/* Demonstration of how to call the DMSPASS CSL routine in REXX. */
/* */
/* Syntax: */
/* DMSPASS userid password */
/* The specified userid and password are validated. */
/* */
/* DMSPASS agent/target agent_password */
/* The specified agent and the agent's password are */
/* validated. If valid, the agent's authority to LOGON BY */
/* to the target user is verified. */
/* */
/* Notes: */
/* o If the password contains starting or ending blanks, */
/* you must enclose the password in single or double quotes. */
/* */
/* o If the password starts with a single or double quote, */
/* you must enclose the password in double or single quotes, */
/* respectively. That is, the 'opposite' quote type. */
/* */
/*******************************************************************/
/* This code is offered on an AS-IS basis, with no warranty */
/* expressed or implied, including proper operation or suitability */
/* for purpose. By using this code for any purpose whatsoever, */
/* you acknowledge that IBM retains all copyright and intellectual */
/* property rights contained herein, if any. */
/* */
/* Alan Altmark, Author */
/* IBM Endicott, June 2006 */
/* */
/* Copyright (C) IBM Corporation, 2006-2011 */
/* */
/*******************************************************************/
/* Summary of the API: */
/* */
/* DMSPASS ( rc, */
/* domain, */
/* agent, agent_length, */
/* password, password_length, */
/* target, */
/* logdata, sizeof(logdata), log_length */
/* ) */
/* */
/* The plist for DMSPASS can occur in one of 4 forms. */
/* */
/* To verify your ability to invoke DMSPASS/Diag88: */
/* rc, -1 */
/* */
/* To simply verify a userid and password: */
/* rc, 0, agent, agentl, pw, pwl */
/* */
/* To verify a password AND check that 'agent' has LOGONBY */
/* privileges to 'target': */
/* rc, 0, agent, agentl, pw, pwl, target */
/* */
/* To do the above and get feedback from the CSL routine: */
/* rc, 0, agent, agentl, pw, pwl, target, logdata, logmax, loglen */
/* */
/*******************************************************************/
/* A few things to note: */
/* */
/* o The agent cannot be blank or null. */
/* */
/* o If the target is blank or null, then it is assumed to be */
/* the same as the agent id and no LOGONBY check is made and */
/* it will be overwritten with the user's VM id. */
/* */
/*******************************************************************/
/* The following shows the mapping of Diagnose 88 return codes to */
/* DMSPASS return codes. This is useful so that you can */
/* simulate various conditions via TRACE DIAG 88 NOSIM ST G7 nn */
/* */
/* Diag 88 --> DMSPASS */
/* RC RC */
/* 0 0x00 0 ok */
/* 8 0x08 8 failed */
/* 12 0x0C 36 wrong CP level */
/* 16 0x10 32 no permission to issue DIAG 88 */
/* 24 0x18 24 error reading CP directory */
/* 28 0x1C 12 no logonby permission */
/* 32 0x20 4 password expired */
/* 40 0x28 28 ESM present but not available */
/* */
/*******************************************************************/
parse arg userid password
parse upper var userid agent_user "/" target .
if target = "" then target = agent_user
Select
When left(password,1) = '"'
then agent_pass = strip(password,'"','B')
When left(password,1) = "'"
then agent_pass = strip(password,"'",'B')
otherwise
agent_pass = password
End
domain = 0 /* agent is a VM user */
target = left(agent_user,8) /* Target is always a */
/* VM id. Pad to 8. */
logdata = left(' ',100) /* Set up logdata area */
logmax = length(logdata) /* sizeof(logdata) */
loglen = 0
agentl = length(agent_user)
pwl = length(agent_pass)
savetarg = target
rc = -999999 /* Init return code */
Call CSL "DMSPASS rc",
"domain",
"agent_user agentl",
"agent_pass pwl",
"target",
"logdata logmax loglen"
Select
when rc = 0 then
do
say routine "RC=" retcode "Logdata="left(logdata,loglen)
if save_target <> target then /* target returned */
say "Target =" target
end
when rc = 4 then
say agent_user"'s password has expired"
when rc = 8 then
say "Access denied - bad user id or password"
when rc = 12 then
say agent_user "does not have LOGONBY permission to" target
when rc = 24 then
say "Error reading the CP directory. Try again."
when rc = 28 then
say "ESM present, but not available right now. Try again later."
when rc = 32 then
say "Missing OPTION DIAG88 in your directory."
when rc = 36 then
say "We just took a specification exception on Diag 88. Not good."
when rc >= -199 & rc < -100 then
say "DMSPASS doesn't like parameter" abs(rc)-100
/* Everthing below this point is generic REXX CSL stuff */
when rc = -7 then
say routine "not found"
when rc = -8 then
say routine "was dropped"
when rc = -9 then
say "Insufficient memory to call" routine
when rc = -10 then
say "Too many parameters specified on call to" routine
when rc = -11 then
say "Too few parameters provided on the call to" routine
when rc >= -26999 & rc < -26000 then
say "Incorrect data length for parameter" abs(rc)-26000
when rc >= -27999 & rc < -27000 then
say "Incorrect data or data type for parameter" abs(rc)-27000
when rc >= -28999 & rc < -28000 then
say "Incorrect variable name for parameter" abs(rc)-28000
when rc >= -29999 & rc < -29000 then
say "Incorrect length value for parameter" abs(rc)-29000
otherwise
say "UNEXPECTED ERROR: CSL call to" routine "failed. RC="rc
end
exit rc