OSI/MHS Management Programming Manual
Password Server Interfaces
OSI/MHS Management Programming Manual—424824-001
MPS Concepts and Components
The authorization database is an audited, Enscribe key-sequenced file containing several
records with information about users of the message stores supported by the MPS
process. Each record contains the following information:
• The APPL name
• The APPL OSI address
• The encryption method
• The encrypted password
• The APPL O/R name
The authorization database is created by the MPS installation procedure. When you
later start the MPS, it immediately terminates if its authorization database is inaccessible
or does not exist.
The MPS updates the authorization database when processing an ADD, ALTER, or
DELETE command, or a Register MS request that changes a user’s credentials. Adding
an APPL object adds a record to the database. Deleting an APPL object deletes a record
from the database. Altering an APPL object potentially modifies the password or other
information in the record.
The authorization database and all updates to it are protected by TMF.
Data Encryption Methods
The MPS stores the master password in its configuration database and the passwords of
other users in its authorization database. To protect against unauthorized discovery and
use of those passwords, the MPS can use a simple, character-based encryption method
when it writes to the databases. In memory, the MPS retains the passwords in
unencrypted form.
When you run the MPS, you specify whether or not you want encryption of passwords.
Of course, if you prefer some other encryption method, you can modify the appropriate
MPS source file. See MPS Source and Configuration Files on page 7-65.
The encryption method used by an MPS process cannot require more characters to hold
the encrypted form of a password than required by the unencrypted form of the
password.
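The length rule above, as an added example that is not taken from the MPS source files: a character-based method that keeps the encrypted password the same length as the plaintext, next to a candidate that doubles the length and therefore breaks the rule. All function names, the key and the sample passwords are hypothetical.

```c
#include <stddef.h>
#include <string.h>
/* Added example: every name, the key and the samples are hypothetical. */
#define LO 0x20     /* first printable ASCII character */
#define RANGE 95    /* ' ' through '~' */
static const char KEY[] = "constructed-key";
typedef size_t (*encrypt_fn)(const char *in, char *out, size_t cap);
/* Shift each character inside the printable range by a key- and position-
   dependent offset (dir +1 encrypts, -1 decrypts). Returns the output
   length, which always equals the input length, or 0 on error. */
static size_t shift(const char *in, char *out, size_t cap, int dir)
{
    size_t n = strlen(in), i;
    if (n + 1 > cap) return 0;
    for (i = 0; i < n; i++) {
        int c = (unsigned char)in[i] - LO;
        int k = ((unsigned char)KEY[i % (sizeof KEY - 1)] + (int)i) % RANGE;
        if (c < 0 || c >= RANGE) return 0;   /* non-printable input */
        out[i] = (char)(LO + (c + dir * k + RANGE) % RANGE);
    }
    out[n] = '\0';
    return n;
}
size_t shift_encrypt(const char *in, char *out, size_t cap) { return shift(in, out, cap, 1); }
size_t shift_decrypt(const char *in, char *out, size_t cap) { return shift(in, out, cap, -1); }

/* Candidate that breaks the rule: XOR with the key, then hex-encode to stay
   printable, which emits two characters per input character. */
size_t xor_hex_encrypt(const char *in, char *out, size_t cap)
{
    size_t n = strlen(in), i;
    if (2 * n + 1 > cap) return 0;
    for (i = 0; i < n; i++) {
        unsigned char b = (unsigned char)(in[i] ^ KEY[i % (sizeof KEY - 1)]);
        out[2 * i] = "0123456789abcdef"[b >> 4];
        out[2 * i + 1] = "0123456789abcdef"[b & 15];
    }
    out[2 * n] = '\0';
    return 2 * n;
}
/* Count constructed samples whose encrypted form is longer than the plaintext. */
int count_too_long(encrypt_fn enc)
{
    static const char *samples[] = { "a", "Secret01", "MS-user pass" };
    char buf[64];
    int i, bad = 0;
    for (i = 0; i < 3; i++)
        bad += enc(samples[i], buf, sizeof buf) > strlen(samples[i]);
    return bad;
}
```

A method that passes this check produces output exactly as long as its input, so the stored form still reveals the length of each password.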
Output File
The MPS process logs errors and status information to an output file, which you specify
when you run the process. The output file can be a terminal, a spooler location, or an
Enscribe text file.
Each MPS process should have a separate output file, with a name that suggests to
which MPS process it belongs. MPS messages do not identify the MPS process that
produced them.
Types of conditions that MPS logs to the output file include:
• Any change in the configuration of an MPS process