XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

291

292

293

294

295

296

297

298

299

300

XYGATE

User Authentication

™

Reference Manual

Appendix B: The UAACL File

XYPRO Technology Corporation 267 Proprietary and Confidential

B22: IGNORE_PASSWORD_REQUIRED

The IGNORE_PASSWORD_REQUIRED keyword allows XUA to bypass internal

"password required" settings of some other-than-TACL programs; for example,

NDMCOM. This setting works only when the program is calling

USER_AUTHENTICATE_ with option bit 7 set, which can be set using the “OPT 7”

command when testing in What-if mode.

When IGNORE_PASSWORD_REQUIRED is set to ON, the XUA rules for password

requirements will override the programs wishes.

When IGNORE_PASSWORD_REQUIRED is set to OFF, the program’s request that a

password be required will be honored, and a good password will be required to logon.

Syntax:

IGNORE_PASSWORD_REQUIRED {ON | OFF}

Example 1 below will allow members of the ACLGROUP $SUPER to logon as any

member of $NDM-OPER to the NDMCOM without supplying a password.

Example 1: How to tell XUA to ignore a password request from a REQUESTOR

program

UAGROUP Logon-to-NDMCOM-without-password

DESCRIPTION "Ignore require-password configuration in NDMCOM"

IGNORE_PASSWORD_REQUIRED ON

PASSWORD_REQUIRED OFF

!Selection Criteria:

FROM_USER $SUPER

TO_USER $NDM-OPER

REQUESTOR $SYSTEM.SYSnn.NDMCOM

Example 2 below will allow SEC.ADMIN to verify without supplying a password at

XYGATEAC verify user prompt.

Example 2: How to tell XUA to ignore a password request from a REQUESTOR

program

UAGROUP XAC-Verifyuser-Password

DESCRIPTION "Ignorepassword at XAC verifyuser"

FROM_USER SEC.ADMIN

TO_USER SEC.ADMIN

REQUESTOR $SYSTEM.XYGATEAC.XYGATEAC

IGNORE_PASSWORD_REQUIRED ON

AUDIT_ACCESS_PASS ON

AUDIT_ACCESS_FAIL ON