Guardian Procedure Calls Reference Manual (G06.25+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

1561

Guardian Procedure Calls (T-V)

Guardian Procedure Calls Reference Manual—522629-013

15-38

USER_AUTHENTICATE_ Procedure

During a dialog, inputtext can specify the information in multiple calls. The

following example shows how input

text could be set in three successive calls:

1. inputtext = “user”

2. inputtext = “password”

3. inputtext = “newpassword, newpassword”

•

Authenticating a user

If authentication without logon is requested (

options bit <15> is 0),

USER_AUTHENTICATE_ authenticates the user, but you cannot assume that

user’s identity and you cannot log on. You must supply a password even if you do

not request a logon unless:

•

You are the super ID (and options.<7> is not set to 1).

•

You are the group manager (*,255) (and options.<7> is not set to 1).

•

You are a user inquiring about yourself (and options.<7> is not set to 1).

•

Logging on

If authentication with logon is requested (

options bit <15> is set to 1) and

Safeguard software is running, and if the Safeguard parameter PASSWORD-

REQUIRED is set to ON, you can assume that user’s ID if:

•

You know the user’s password.

Alternatively, if authentication with logon is requested (

options bit <15> is set to

1) and either Safeguard software is running, and the Safeguard parameter

PASSWORD-REQUIRED is set to OFF or Safeguard software is not running, you

can assume that user’s ID if:

•

You are the super ID (and options.<7> is not set to 1).

•

You are the group manager (*,255) (and options.<7> is not set to 1).

•

You know the user’s password.

If any of these conditions are met, then your process access ID and creator access

ID changes, you become a local user, and your default file security changes to

what is established for the specified user.

•

Disabling special authentication and logon privileges of the super ID and the group

manager

If authentication is required regardless of who is executing the calling process, set

options.<7> to 1. Setting this option overrides the special rules that otherwise

allow the super ID or group manager to perform authentication or logon without

providing the correct password. The effects of this option are enforced irrespective

of whether Safeguard software is active and irrespective of whether

options.<15> is set.

This bit enables server processes running as the super ID to check a requester’s

password without being able logon.