Guardian Procedure Calls Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

1441

Send $CMON the Logon^msg message (-50). This bit is valid either when Safeguard software is running

and configured with CMON ON or when Safeguard software is not running.

<10>

Do not allow the super ID to log on.<11>

Do not allow a logon with a NonStop operating system user ID. When Safeguard software is running,

the user can log on specifying either a member name or an alias. When Safeguard software is not

running, the user can log on specifying a member name.

<12>

Require blind logon. Setting this bit has the same effect as configuring BLINDLOGON using the Safeguard

product. Passwords in inputtext are ignored unless bit 8 is set to assert that password echoing did

<13>

not occur. Setting this bit is effective only on the first call of a dialog; it is ignored on the second or

subsequent call.

If blind logon is set in bit 13 or configured using the Safeguard product, and a password is provided in

inputtext, and bit 8 is set, authentication finishes in one call to USER_AUTHENTICATE_. If bit 8 is not

set, then the outcome depends on dialog-id:

• If dialog-id is supplied, then even if a password is provided in inputtext, USER_AUTHENTICATE_

returns with error equal to 70 and status equal to 4 to indicate that the password must be supplied

in the next call to USER_AUTHENTICATE.

• If dialog-id is not supplied and a password is supplied in inputtext, then the

USER_AUTHENTICATE_ returns with error equal to 48 and status equal to 4 to indicate a security

violation.

Do not log on if $CMON has an error or timeout. Setting this bit has the same effect as configuring

Safeguard software with CMON ON and CMONERROR DENY. This bit has meaning only if CMON

<14>

communication is attempted (either bit 9 or bit 10 is set, or the Safeguard software is configured with

CMON ON).

Log on and update the process' attributes to reflect the user's attributes. Following a successful logon with

this procedure, the calling process is considered local with respect to the system on which it is running.

Note that authentication occurs without logon when this bit is set to 0.

<15>

The default value is 0, which requests that the specified user be authenticated without logon,

additional restrictions, or requests.

dialog-id

input, output

FIXED .EXT:ref:1

specifies the identifier of the dialog and allows an authentication to take place over multiple

calls to the procedure. To begin a dialog with USER_AUTHENTICATE_, set dialog-id to 0F.

Use the dialog-id returned on each subsequent call to USER_AUTHENTICATE_ to continue

the dialog. Error 70 (continue authentication dialog) is returned on each such call along with

a status value that indicates the next required piece of information. The default value is 0F.

If dialog-id is not passed to USER_AUTHENTICATE_, then dialogs that require more than

one call to USER_AUTHENTICATE_ are not possible. Error 48 (security violation) is returned

instead of error 70. On return, status contains the same value as would have been returned

with error 70.

status

output

INT .EXT:ref:1

returns a value providing more information when error is 0, 48, or 70.

Values returned for error = 0 (no error):

Descriptionstatus

No status.0

Password is valid but it is about to expire. Caller returns caution message.8

USER_AUTHENTICATE_ Procedure 1443