RSC/MP 7.2 Programming Manual
Access Control Server
HP NonStop Remote Server Call (RSC/MP) Programming Manual—522360-004
Mapping of RSC/MP sessions to ACS objects can be done in either of two ways:
• In the TDP (recommended) by setting the TERM object’s ACSERVER attribute to
  the name of the ACS object. This approach provides stronger security because it
  does not rely on the RSC/MP application to supply the name of a properly
  configured ACS object.
• In the RSC/MP application by setting the HOST_ACS_NAME option to the name of
  the ACS object that should control access. This option must be set prior to the
  RscBeginSession call.
How ACS Works
The ACS facility works as follows:
• At the start of an RSC/MP session (when the application calls RscBeginSession),
  the TDP determines whether an ACS is configured for that workstation.
• If an ACS is configured, the TDP sends the USER_ID and PASSWORD from the
  header of its RscBeginSession message to the ACS. The user ID and password
  come from the workstation options.
• If the USER_ID and PASSWORD options are accepted by the ACS, the TDP starts
  the session.
An ACS object has two additional levels of access control. These controls are
determined by the ACS program and by the RECVWRITEREADS attribute of the ACS
object:
• The USER_ID and PASSWORD can be validated on each RscWriteRead, which is
  enabled by setting the RECVWRITEREADS attribute of the ACS object to YES.
• When the TDP receives an RscBeginSession message, the user-written ACS can
  reply with a list of authorized servers. This list, maintained for each session,
  contains the names of stand-alone servers and Pathway server classes. The TDP
  checks the list to allow or block access (depending on the settings used by the
  ACS) to the servers named in each subsequent RscWriteRead or RscWrite
  function call.
The TDP can be configured to report successful and/or rejected ACS attempts on each 
RscWrite or RscWriteRead. The logging of ACS status on an RscWrite/RscWriteRead 
basis is configured in a TERM object using the option TERM LOGEVENTS 
ACSALLOW to log successful attempts and the option TERM LOGEVENTS 
ACSREJECT for rejected attempts. Refer to the HP NonStop Remote Server Call 
(RSC/MP) Installation and Configuration Guide for information on setting up TERM 
LOGEVENTS as part of TDP Logging.
Note. The ACS mechanism provides application-defined security. The USER_ID and 
PASSWORD options are passed to an ACS only. They are not related to Guardian 
security, unless you choose to make use of Guardian security functions in your ACS 
implementation.
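The following is an added example, not code from this manual or from the RSC/MP product: a small C model of the decisions described above (credential check at session start, optional re-check on each write/read, and the per-session server list applied in allow or block mode). All function names, the struct layout, server names and credentials are assumptions constructed for illustration; the printed line only borrows the ACSALLOW and ACSREJECT event names and is not the TDP log format.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the flow above: not the RSC/MP API and not the
   real TDP-to-ACS message layout. All names and values are constructed. */
enum list_mode { LIST_ALLOW, LIST_BLOCK };  /* how the ACS wants its list applied */
struct session {
    int active, recheck;        /* recheck models RECVWRITEREADS YES */
    enum list_mode mode;
    const char *servers[4];     /* per-session list replied by the ACS */
    char user[16], pass[16];    /* USER_ID / PASSWORD from the begin-session header */
};

/* Application-defined credential store of the user-written ACS. */
static const char *acs_user = "teller1";
static const char *acs_pass = "s3cret";     /* reassigning it models revocation */

static int acs_validate(const char *u, const char *p) {
    return strcmp(u, acs_user) == 0 && strcmp(p, acs_pass) == 0;
}

/* Session start: ACS accepts or rejects; on accept it supplies the server list. */
int tdp_begin_session(struct session *s, const char *u, const char *p, int recheck) {
    *s = (struct session){0};
    if (!acs_validate(u, p)) return 0;      /* rejected: session never starts */
    snprintf(s->user, sizeof s->user, "%s", u);
    snprintf(s->pass, sizeof s->pass, "%s", p);
    s->recheck = recheck;
    s->mode = LIST_ALLOW;
    s->servers[0] = "ACCT-SERVER";          /* Pathway server class (constructed) */
    s->servers[1] = "$BAL";                 /* stand-alone server (constructed) */
    return s->active = 1;
}

/* Each write/read: optional credential re-check, then the list check; fail closed. */
int tdp_write_read(const struct session *s, const char *server) {
    int listed = 0, ok = s->active;
    if (ok && s->recheck) ok = acs_validate(s->user, s->pass);
    for (int i = 0; i < 4 && s->servers[i]; i++)
        if (strcmp(s->servers[i], server) == 0) listed = 1;
    if (ok) ok = (s->mode == LIST_ALLOW) ? listed : !listed;
    printf("%s user=%s server=%s\n", ok ? "ACSALLOW" : "ACSREJECT", s->user, server);
    return ok;
}

int main(void) {
    struct session s;
    if (tdp_begin_session(&s, "teller1", "s3cret", 1)) tdp_write_read(&s, "PAYROLL");
    return 0;
}
```

In this model a session opened without the per-request re-check keeps working after the credential changes, which is the gap that setting RECVWRITEREADS to YES closes.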










