XYGATE User Authentication Reference Manual

XYGATE

User Authentication

™

Reference Manual

Appendix B: The UAACL File

XYPRO Technology Corporation 268 Proprietary and Confidential

B23: IMPERSONATION

Syntax:

IMPERSONATION {ALWAYS | OFF | OPTIONAL}

Authorize a group of users to logon to certain utilities as a specified user such as

super.super with the user’s own password. If OPTIONAL, allow either target user’s

password or use impersonation. If ALWAYS, disallow "un-impersonated" logon. If

OFF, disallow impersonation.

Example:

IMPERSONATION OPTIONAL

Note: If IMPERSONATION is set to ALWAYS and if the user specified in the password

field does not match the IMPERSONATION_FROM_USER list, then

XYGATEUA will continue to search for the UAGroup that matches.

The default behavior is OFF.

B24: IMPERSONATION_FROM_USER

Syntax:

IMPERSONATION_FROM_USER <user list>

Impersonating the user’s password field should contain the username present in the

UAGROUP’s keyword IMPERSONATION_FROM_USER. The <user list> can be a

space-separated list of users; for example, userids’ aliases, underlying, Netunderlying,

relative wildcarding.

Example:

IMPERSONATION_FROM_USER OPER.* SECURITY.*