Safeguard Reference Manual (G06.24+, H06.03+ )
Event-Exit-Process Commands
Safeguard Reference Manual—520618-013
15-25
Security Requests Sent to the Event-Exit Process
Security Requests Sent to the Event-Exit Process
Depending on how the event-exit process is configured, the following specific requests
are passed to it by the Safeguard subsystem.
If ENABLE-AUTHORIZATION-EVENT is ON, any of the following events that involve
objects under Safeguard protection are sent to the event-exit process for a ruling:
•
Access attempts to all objects protected by the Safeguard software
•
Create
•
Give (Setmode function 2)
•
License (Setmode function 98)
•
Progid (Setmode function 1)
•
Process Start
•
Open
•
Purge
•
Rename
•
Process Abend
•
Process Stop
If ENABLE-AUTHENTICATE-EVENT is ON, the following events are sent to the event-
exit process for a ruling:
•
Programmatic logon (USER_AUTHENTICATE_, VERIFYUSER including Verify
Only Mode)
•
Interactive logon (Safeguard terminals, TACL using USER_AUTHENTICATE_)
•
Logon password-related authentication events:
°
Password change at logon
°
Forced password change at logon
°
Generated password at logon
The event exit process must be able to return an error message describing denial
of logon password change.
If ENABLE-PASSWORD-EVENT is ON, the following events are sent to the event-exit
process for a ruling:
•
Password change with the PASSWORD program
•
Password change with the ADD USER, ALTER USER, ADD ALIAS, or ALTER
ALIAS commands
•
Password change interactive logon if ENABLE-AUTHENTICATE-EVENT is OFF