CA-GSS Statements and Commands › GSS Extended Functions › IO Functions › Number, String, and Variable Functions › System Information Functions › SECURITY()

SECURITY()

Use the SECURITY() function to validate a user ID and password or to change an IMOD task's authority to that of a different user ID.

Syntax

The SECURITY() function has this syntax:

SECURITY({VERIFY|LOGON},userid,password,[newpass])

Arguments

The SECURITY() function takes these arguments:

VERIFY

Checks the user ID/password combination for validity.

LOGON

Checks the user ID/password combination for validity and, if valid, the IMOD task continues execution under the authority of the new user ID.

userid

User ID known to the system security software.

password

Password that authorizes the user ID.

newpass

New password. If both userid and password are correct, newpass replaces password.

Note: This change is permanently recorded by the system security software.

Usage Notes

• For LOGON processing to be meaningful, you must have specified the SECURITY SAF initialization parameter during ISERVE startup.
• To use this function, your installation must be using IBM's RACF security product or another product that supports the SAF RACROUTE interface.
• Following a successful LOGON attempt, the message "SRV331 taskid Task has logged on as user userid" is recorded in the ISRVLOG file.

Return Codes

The SECURITY() function produces these return codes.

101 - 104

ARG n MISSING OR INVALID

121

RACROUTE FAILED: saf_rc racf_rc racf_re

saf_rc The return code as set by SAF

racf_rc The return code as set by RACF

racf_re The reason code as set by RACF

Example

parse arg userid password
result = security('logon',userid,password)
 if rc ^= 0 then return 'LOGON REJECTED'
return 'LOGON SUCCESSFUL'