Manualshelf

RSC/MP Programming Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
81828384858687888990
9 Access Control Server
RSC/MP supports application-level security through its access control server (ACS)
mechanism. This section describes the ACS mechanism and how to use it.
Using ACS
Use of ACS is optional. When ACS is not used, the TDP routes RSC/MP client I/O
requests to any server, as directed by the RSC/MP application.
When ACS is used, the RSC/MP application must supply a user ID and password to
create a session with RscBeginSession. The TDP passes these credentials to an ACS
that is written by you and runs on the NonStop host. Your ACS grants or denies
permission for the session to begin. Your ACS can also provide the TDP with a list of
specific servers to which access should be granted or denied. When this server-list
feature is used, a security check is made each time the RSC/MP application attempts
server I/O with RscWrite or RscWriteRead.
ACS Server
In operation, ACS requires two components: the ACS server itself and an ACS object.
An ACS runs on the NonStop host as a Guardian named process or as a Pathway
server. It accepts user identifiers and passwords from the TDP and responds by
reporting user authentication status and optional server lists.
See A Sample ACS for the NonStop Host on page 9-5 for information on a sample
ACS Server.
ACS Object
The ACS object is configured within the TDP. It serves to tie a user session (created by
the RSC/MP application with RscBeginSession) to an ACS. Each ACS object works
with only one ACS server. It accesses the ACS directly (if the ACS server is a
Guardian named process) or through the Pathsend product (if your ACS server is a
Pathway server class).
Preparation
For each ACS server you will use, you must:
1. Start the ACS server.
2. Configure and start an ACS object for use with the server.
3. Map all RSC/MP sessions that must be ACS-controlled to the ACS object.
HP NonStop Remote Server Call (RSC/MP) Programming Manual 522360-006
9- 1