XYGATE User Authentication Reference Manual

XYPRO Technology Corporation 41 Proprietary and Confidential
Chapter 4. Configuring Control Logons Based on Port
PORT is an optional criterion. Every user performing an interactive logon uses a
NonStop server port to perform the logon. The PORT may be a physical address such
as $DIAL, a logical TCP/IP address such as 207.215.52.43, an IPv6 address such as
fd1a:cb1d:4c31:f8e3:3:1:1:18, or another process that serves as the input and output
for the user performing the logon, such as $SYSTEM.XYGATEAC.XYGATEAC.
4.1 Procedure
The following syntax and example show how to restrict logons on a Home terminal.
Syntax:
PORT <token> <token> [<token> ...]
Where <token> is one or more terminals or IP addresses separated by spaces.
At least two tokens must be specified; at least one token must be a terminal; and at
least one token must be an IP address. Tokens can contain the following wildcards:
+ any single digit.
* one or more characters, allowed just before a period or as the last character.
? any single character.
@ any single alphabetic character.
The example below prevents any user from logging down to the SECURITY group from the
specified ports (terminal and IP addresses).
Example: How to restrict logons by Home terminal
UAGROUP Reserved-Home-Terminal
DESCRIPTION "Restrict logdown as security on some terminal"
FROM_USER $EVERYONE
TO_USER SECURITY.*
PORT $ZTN0.#PT2WZ46 2.1.1.19 10.1.1.118
RESULT_DENIED
AUDIT_ACCESS_PASS ON
AUDIT_ACCESS_FAIL ON
Refer to the PORT keyword discussion on page 276 in Appendix B: The UAACL File.
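The wildcard rules listed above can be checked offline before a PORT line is placed in the UAACL file. The following Python code is an added example, not XYPRO code: it translates each token into a regular expression as the wildcard list describes, rejects a misplaced *, and reports which tokens cover a given port string. It assumes case-sensitive comparison, ASCII letters for @, and that * may span periods; the product's own matcher may differ on those points.

```python
import re

# Wildcards from the PORT syntax description; '*' is handled separately
# because the manual restricts where it may appear.
WILDCARDS = {"+": r"\d", "?": r".", "@": r"[A-Za-z]"}


def compile_token(token):
    """Translate one PORT token into a compiled regex (used with fullmatch)."""
    parts = []
    for i, ch in enumerate(token):
        if ch == "*":
            at_end = i == len(token) - 1
            if not at_end and token[i + 1] != ".":
                raise ValueError(
                    f"{token!r}: '*' must be the last character or precede a period")
            parts.append(r".+")  # "one or more characters" (assumed to span periods)
        elif ch in WILDCARDS:
            parts.append(WILDCARDS[ch])
        else:
            # Literal characters, including '.', '$' and '#', match only themselves.
            parts.append(re.escape(ch))
    return re.compile("".join(parts))


def matching_tokens(tokens, port):
    """Return the tokens from a PORT line that cover the given port string."""
    return [t for t in tokens if compile_token(t).fullmatch(port)]


if __name__ == "__main__":
    # PORT line from the manual's example, then a constructed wildcard line.
    literal = "$ZTN0.#PT2WZ46 2.1.1.19 10.1.1.118".split()
    wildcard = "$ZTN+.#PT* 10.1.1.+++".split()
    for port in ("$ZTN0.#PT2WZ46", "10.1.1.118", "10.1.1.19", "10.1.2.118"):
        print(port, matching_tokens(literal, port), matching_tokens(wildcard, port))
```

Running it against the addresses actually in use shows whether a wildcard token covers more or fewer ports than intended, for example that 10.1.1.+++ does not cover 10.1.1.19.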