I haven’t done CGI but I’ve created Stored Procedures to be called from the web, so I don’t know if this is relevant but in that situation we had to pass the user id to the web pages (hidden field) and have the web page hand it back.
First of all, it’s important to know how you configured your HTTP server. Have you used UserID directive? Does your programs change User Profile explicitly?
You can try taking user ID from positions 358-367 (Current User ID) of PSDS.
How are you protecting your site folders? Validation List?
When a user is required to log in to get to your secure web site, environment variables are created and made available to both the client (for any scripts that may run in the browser) and the server (for server-side scripts, or CGI). One of those environment variables is the user ID that was used to log in.
IBM provides an API to access the environment variables for the session that is running. The Get Environment Variable (QtmhGetEnv) API allows you to get the value set by the server for a particular HTTP environment variable. The name of the environment variable you want in this case is REMOTE_USER.
If you are using the CGIDEV2 toolset, you may retrieve the value set by the server for a particular HTTP environment variable by using the subprocedure GetEnv. This procedure calls QtmhGetEnv API.