I just realized that Postgresql does not differentiate between an invalid username/password or an expired password when it gives you the error message.
Therefore I have to look for a different way to allow users to select their own passwords.
The problem is, IF the password is expired, the user cannot log on to run the stored procedure to reset their password.
You could create a stored function that would allow a generic user to enter and update their password. You would need to add safeguards to the system to store passwords though. (look at storing the md5 hash of the users passwords so that your SF can check the md5 of the "old" password hash against the stored password hash.
ALso, you would need to set the "generic" logon's ONLY role is to run the stored function to update the password.
"Lisa, in this house, we obey the laws of thermodynamics!" - Homer Simpson
"I have my standards. They may be low, but I have them!" - Bette Middler
"It's a book about a Spanish guy named Manual. You should read it." - Dilbert