G06.32 Release Version Update Compendium

ManualsBrandsHP ManualsServerHP NonStop G-Series

Manageability Products

G06.32 Release Version Update Compendium—546067-001

6-2

Safeguard Enhancements

Logon Without a Password

Safeguard is enhanced to allow users to logon without a password. This feature,

known as PRIV-LOGON, provides a mechanism whereby applications that invoke the

USER_AUTHENTICATE_() procedure to perform user/alias logons can do so without

specifying a password. (This feature contrasts with NORMAL-LOGON, which requires

a password.) This feature also provides a mechanism by which time critical

applications are not subjected to the time delay which can occur during normal

authentications upon successive authentication failures. Logging on without a password

can be done only if the SUPER.SUPER user has given the program file that

permission through Safeguard.

This feature introduces these changes:

•

A new bit, bit #2, PRIV-LOGON, is added to the options parameter of the

USER_AUTHENTICATE procedure call.

•

A new Safeguard disk file attribute, PRIV-LOGON, is added for the executable disk

files under Safeguard protection.

•

The SAFECOM commands ADD, ALTER, INFO, SET, and SHOW support the new

PRIV-LOGON disk file attribute.

The following new attributes have been added for disk files under Safeguard

protection:

•

PRIV-LOGON. When set to ON, this attribute denotes that the disk file under

Safeguard protection is permitted to perform logons without specifying a password

or will not be subjected timeout upon successive authentication failures. Valid

values are ON and OFF.

•

AUDIT-PRIV-LOGON. When set to ON, this attribute denotes that the PRIV-

LOGON operations attempted by the disk files under Safeguard protection are

audited. Valid values are ON and OFF.

•

AUDIT-DISKFILE-PRIV-LOGON. When set to ON, this attribute denotes that the

PRIV-LOGON operations attempted by any disk file under Safeguard protection

are audited. Valid values are ON and OFF.

These new SPI tokens are introduced:

•

zSFG-tkn-audit-privlogon, token type ZSPI-DDL-BOOLEAN. This token is valid

with the ZCOM-CMD-ADD, ZCOM-CMD-ALTER, and ZCOM-CMD-INFO

commands. It is used to add, alter, or display the PRIV-LOGON disk file attribute.

•

zSFG-tkn-audit-priv-lgn, token type ZSPI-DDL-BOOLEAN. This token is valid with

the ZCOM-CMD-ADD, ZCOM-CMD-ALTER, ZMD-CMD-INFO commands. It is

used to add, alter, or display the AUDIT-PRIV-LOGON disk file attribute.

•

zSFG-tkn-audit-file-priv-lgn, token type ZSPI-DDL-BOOLEAN. This token is valid

with the ZCOM-CMD-ALTER and ZCOM-CMD-INFO commands. It is used to alter

or display the AUDIT-DISKFILE-PRIV-LOGON configuration attribute.