For customers who need to be able to effect a password change from the middle tier, HostBridge sends two extra HTTP headers with numeric codes to identify authorization status:
Values for the headers appear below.
|HBAUTH value||HBAUTH2 value|
|0 - Normal||0 - OK|
|4 - Invalid input||8 - Credentials not specified|
|12 - Invalid request||13 - There is an unknown return code in ESMRESP from the ESM |
|18 - The CICS ESM interface is not initialized|
|29 - The ESM is not responding|
|32 - The user ID field contains a blank in an invalid position|
|16 - Not authorized||2 - The supplied password is wrong|
|3 - A new password is required|
|4 - The new password is not acceptable|
|19 - The user ID is revoked|
|22 - Request failed during seclabel processing|
|31 - User revoked in default group|
|20 - User ID error||8 - the user ID is not known to the ESM|
|24 - Other error|
Typically, HostBridge will return (0,0), which means everything is normal:
If a new password is required, the HTTP headers return the following values:
To change a password,
- Rename the HostBridge file HBR#AUTH to HBR$AUTH.
- In TCPIPSERVICE, set Authenticate to “No.”
- Send in the standard Basic header with valid credentials. In addition to the standard Authenticate header, pass in:
where value is username:new_password (base64 encoded). This is the same format that Authenticate uses.
HBR$AUTH is required for you to use the password change capabilities.
When a valid password change request is sent in, the user’s password is changed to the new password. Subsequent HostBridge requests must use this new password instead of the old one.