XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

281

282

283

284

285

286

287

288

289

290

XYGATE

User Authentication

™

Reference Manual

Appendix B: The UAACL File

XYPRO Technology Corporation 260 Proprietary and Confidential

B11: AUTHENTICATE_FAIL_FREEZE_MSG

The AUTHENTICATE_FAIL_FREEZE_MSG keyword controls whether or not a user is

notified that his or her userid or alias has been frozen on the authentication attempt

that caused freezing to occur.

When freezing of a userid or alias occurs due to successive incorrect logon attempts

reaching the AUTHENTICATE_MAXIUMUM_ATTEMPTS value, and this parameter is

set to ON, the user receives the following message:

If AUTHENTICATE_FREEZE_PERIOD was specified with a non-zero value:

Userid temporarily frozen due to too many wrong attempts

Else

Userid frozen due to too many wrong attempts

Otherwise, the user receives the following message:

*ERROR* Invalid username or password

Subsequent logon attempts while the user id or alias is frozen causes the following

message when the password is correct:

Userid frozen, access denied

Otherwise, the user receives the following message:

*ERROR* Invalid username or password

Note: When AUTHENTICATE_FREEZE_PERIOD elapses and the XUA process

unfreezes a user, this mimics an administrator thawing a user from SAFECOM,

which resets the count to zero for the number of failed authentication attempts

for the user.

Syntax:

AUTHENTICATE_FAIL_FREEZE_MSG {ON | OFF}

Example 1: How to make XUA display the user frozen messages

UAGROUP TEMP-FREEZE

FROM_USER $EVERYONE

TO_USER 80,*

AUTHENTICATE_MAXIMUM_ATTEMPTS 3

AUTHENTICATE_FAIL_TIMEOUT 0

AUTHENTICATE_FAIL_FREEZE ON

AUTHENTICATE_FREEZE_PERIOD 120

AUTHENTICATE_FAIL_FREEZE_MSG ON

AUDIT_ACCESS_PASS ON

AUDIT_ACCESS_FAIL ON

The above parameter only works when AUTHENTICATE_FAIL_TIMEOUT is set to 0.