Manualshelf

XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
51525354555657585960
XYGATE
®
User Authentication
(XUA) 1.85 Reference Manual
Chapter 1. Installing XUA
XYPRO Technology Corporation 32 Proprietary and Confidential
1.8.3 ACLGroups
ACLGroup entries allow profiling of users by job function. For example, you may wish
to allow certain operators to perform some of the tasks of SUPER Group members.
For this situation create an ACLGROUP named $PRIVILEGED for example, which
would include both the SUPER Group and the privileged operators.
ACLGroups must be defined at the beginning of the UAACL file before any rules.
ACLGroups can be used almost anywhere that you would use a userid or alias as an
argument to a keyword in XUA. (Refer to the Sample UAACL File in Appendix B1: on
page 248.)
1.8.4 The Concept of the Current Invoking User
You need a way to tell XAC to use the current user’s userid or alias regardless of who
it is at the moment, when it evaluates access to processes, utilities; otherwise, you
would be unable to grant any user access to his or her own objects without creating a
separate rule for every user. Obviously, this is unworkable, hence the keyword
GROUP.USER.
Product How to Indicate the Current User Invoking the Product Applicable Keywords
XAC GROUP.USER ACACL Commands
USER keyword
XYPC GROUP.USER (*.USER and GROUP.*)
ALIAS:"#CURRENT"
PCACL PCGROUPs
OBJECT_OWNER
ACL
XOS OBJECT_OWNER_GROUP,OBJECT_OWNER_USER
NETUNDERLYING:OBJECT_OWNER_GROUP,OBJECT_
OWNER_USER
OSACL OSGROUPs
USER
OWNEDBY
ACL permissions
XSP GROUP.USER SPACL Commands
ACL
Job Owner