Manualshelf

SQL/MX Connectivity Service Manual for SQL/MX Release 3.2.1 (H06.26+, J06.15+)

ManualsBrandsHP ManualsServerHP Integrity NonStop J-Series
11121314151617181920
User Authentication
MXCS uses a connection model in which users request a connection to a named service, known
as the data source. To complete the connection, the user provides a user name and a password,
which are passed in a secure, private packet to the MXCS server.
Two formats for the username are valid:
group.user or safeguard-aliasname
Because many client applications use only one-part user identification (such as on Windows and
UNIX systems), you might need to add Safeguard aliases and use the safeguard-aliasname
format when connecting to MXCS. For more information about user authentication, see the Safeguard
User’s Guide.
Passwords
Safeguard supports multiple alias and password pairs for a single Guardian username. This can
improve performance because object caching reuses the underlying username. You can set up an
anonymous login capability by adding a username such as guest with no password, then map
this username to a user group that has limited access to the SQL objects.
Password Expiration
You can enable the password expiration notification feature, which sends a warning message to
the driver when a password is scheduled to expire in the next two days or a password has already
expired but is still within the grace period.
To enable notification of password expiration:
1. Using NSM/web, set the SQL_ATTR_WARNING environment variable in the SET tab to 1.
(The default value of SQL_ATTR_WARNING is 0 (disabled).)
This setting directs SQLConnect, SQLBrowseConnect and SQLDriverConnect to return
SQL_SUCCESS_WITH_INFO with one of these warnings:
[WARNING 8857] Password to Expire in n days, n hours, n minutes. (If the password
expires in less than two days.)
or
[WARNING 8837] CLI Authorization failure: Error 48 with status 11 was returned by
Safecom. (If the password is expired and in the grace period.)
2. If the application uses SQLDriverConnect with the SQL_DRIVER_PROMPT attribute, the
ODBC/MX driver prompts the user to change the password.
The user has these options:
Cancel the password change and proceed with the current session.
Change the password by providing the old and new passwords. If an invalid password
is entered, the connection is terminated.
Operation Access Controls
You must use an ID created under the super group when installing MXCS. Starting the association
server requires that you are logged on with a user ID that has Guardian access to run the MXOAS
file. Thereafter, a user ID with MXCS OPERATOR permission can enable and disable the MXCS
service and manage MXCS from NSM/web or MXCI. To perform any operation in MXCS, you
must have the correct access privileges to NonStop SQL catalogs, MXCS catalogs, and individual
NonStop SQL objects. A user ID with OPERATOR permission is the only user ID that can manage
MXCS.
Security 15