Safeguard Reference Manual (G06.24+, H06.03+ )
Event-Exit-Process Commands
Safeguard Reference Manual—520618-013
15-33
Event-Exit Design, Management, and Operation
the database by calling the USER_AUTHENTICATE_ procedure in Authenticate Only
mode at authentication time. Once a user is authenticated, the event-exit process can
either store the entered password or force a password change. Turn off the
AUTHENTICATE-FAIL-FREEZE and AUTHENTICATE-FAIL-TIMEOUT Safeguard
configuration attributes during this authentication. Because USER_AUTHENTICATE_
checks these attributes, they might interfere with updates during password
synchronization.
If the event-exit process collects a new password during a logon dialog, it can send the
new password in a message response to the Safeguard database when authentication
is complete. This allows the user databases to remain synchronized. If the password is
not propagated to the Safeguard database, the user cannot log on if the event-exit
process becomes disabled and authentication is performed by the Safeguard software.
You can force all password changes to be processed by the event-exit process. To do
this, set ENABLE-PASSWORD-EVENT to ON to force all password change attempts
through the password-quality exit. Then design the password-quality exit so that it
rejects all attempts. This approach forces users to change their passwords during
authentication. If the event-exit process handles authentication, it can capture all
password changes, assuming the Safeguard software is running.
Event-Exit Design, Management, and Operation
The design of an event-exit process must adhere to these general requirements:
•
The event-exit process must be multithreaded (able to handle multiple concurrent
requests).
•
The event-exit process can be a process pair to ensure its continuous availability to
handle authorization requests. If it is not a process pair, the event-exit process is
unavailable to handle requests during its initialization interval after a restart.
•
Any user file maintained by the event-exit process must support 32-byte user alias
names and their passwords.
•
To avoid the possibility of deadlocks, the event-exit process must not perform
waited operations after initialization.
The Safeguard $ZSMP starts and manages the event-exit process. Each time $ZSMP
starts the event-exit process, it first attempts to kill any process with the same process
name not started by the $ZSMP. An EMS message notes this action. If the $ZSMP
finds that the event-exit process was not started by the $ZSMP, it does not send
messages to the event-exit process until it successfully kills the process and restarts it.
Be careful to avoid name collisions.
When $ZSMP receives an ENABLED ON request, it attempts to start the event-exit
process. If this attempt fails because of invalid data in the Safeguard record, the start
attempt is terminated, and the ENABLED value is reset to OFF. An error message is
returned to the user to indicate the nature of the problem, such as an invalid program
file name.