XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Appendix A: The ACCONF File
XYPRO Technology Corporation 100 Proprietary and Confidential
A6: BLOCKMODE_AUDIT
This keyword determines whether the individual function keys pressed by the
XYGATEAC session user will be audited. If BLOCKMODE_AUDIT is set to ON, the
individual function keys will be audited. If it is set to OFF, they will not.
Hidden fields will not be audited so that user names and passwords will not appear in
XAC’s audit trail.
Syntax:
BLOCKMODE_AUDIT { ON | OFF }
Example:
BLOCKMODE_AUDIT OFF
The default value is ON. This value can be overridden for individual ACACL Command
Entries.
A7: CMON
This keyword tells the XYGATEAC process to talk to CMON (or the process named)
for object file starts. Optionally, you can append a timeout, which is the amount of time
the XYGATEAC process will wait (in seconds) for a response from CMON before
continuing. We recommend that you explicitly specify a value of between 5 and 30 for
the <timeout-in-seconds>. This will allow time for a busy CMON to respond and will
allow the use of ACACL Command Entries in the event CMON is too busy to respond
in a reasonable time.
Syntax:
CMON [[$<NAME>] <timeout-in-seconds>]
The default value for $<NAME> is $CMON. If you want CMON to evaluate all run
requests, then use –1 for <timeout-in-seconds> to specify that the XYGATEAC
program should wait forever for a CMON response. This is only recommended for sites
where security requires that no operation be permitted if $CMON is unavailable.
However, the majority of sites should use a value of 5 to 30 seconds so that a failure to
communicate with $CMON does not disable processing.
Note: If a CMON entry is not put in the ACCONF file, then XAC will not communicate
with the CMON process.
Example:
CMON $CMON 15
This example tells XAC to talk to the $CMON process with a 15 second timeout. This
allows $CMON to rule on XAC’s new process run requests.