Previous PageTable Of ContentsNext Page

    Manage User Exit

    .

    Name

    --------

    -

    MANCHECK SAFEXEC

    -----------------------------------------------------------

    Input

    --------

    ---------------------------------------------------------------

    Userid Object, SafeSFS_Cmd

        Userid ------ Userid issuing command.

        Object ------ {[fn ft] fp:fs.[dir1[.dir2[...dir8]]][.]}

        --------------{fn ft}

        SafeSFS_Cmd - The SafeSFS command that was issued.

    -

    Output

    --------

    ---------------------------------------------------------------

    The following return codes are valid:

        0 - User is authorized to MANAGE the object

        4 - Indicates SafeSFS should check the MANAGE
        -----
        authorization.

        16 - User is not authorized to MANAGE the object

        24 - Failure performing authorization - SafeSFS treats
        -----
        this as not authorized.

    --


Purpose

Use the MANAGE user exit to replace the existing SafeSFS MANAGE authorization check for SafeSFS commands. The exit can be used to interface to other security systems.

To enable the user exit, code a Rexx exec to perform your needs and place it on the SafeSFS A Disk with a name of MANCHECK SAFEXEC.

Usage Notes
  1. The MANAGE user exit does not affect MANAGE authorization on the SFS server for SFS objects and SFS commands.


  2. To interface with another security system, you can issue a command or CP diagnose from the MANAGE user exit.


  3. This exit may not be used to override SAFADMIN authorization.


  4. This user exit is called as a REXX function.


  5. Two sample user exits (MANCHECK SAMPLE1 and MANCHECK SAMPLE2) are provided as samples for interfacing with VM:Secure.


  6. To retrieve a user's acigroup from within the user exit you may issue:
    `SAFESYS GETACI' userid
    or
    'PIPE COMMAND GETACI' userid '|',
    'SPEC....
    The GETACI function returns the user's acigroup. If the user is not a member of an acigroup BLANKS are returned. If the userid is not a valid userid NULLS are returned.


Previous PageTable Of ContentsNext Page