Previous Topic: UserDefinedFunction FunctionNext Topic: SEOS_EXITINET


UserDefinedPrefix_RegisterExit Function

Valid on Windows

The UserDefinedPrefix_RegisterExit function registers exit functions for some events. The registration in seosd service and pwdchange.dll is handled during startup.

If the function succeeds, it returns 0. Any other numbers indicate a failure; the execution continues as usual-as if no callback function was called.

Note: The UserDefinedPrefix is read from the registry by the seosd service and pwdchange.dll prior to calling this function.

declspec(dllexport) int __stdcall UserDefinedPrefix_RegisterExit(PFNEXIT pFunctionsExit[], unsigned long* pEventsType).

where PFNEXIT is defined as a pointer to a function that receives void as an argument and returns int.

int UserDefinedFunction(void* data, SEOS_EXITRES * pExitResult);
pFunctionsExit

An array of user-defined functions that are to be registered in the seosd service and in pwdchange.dll.

pEventsType

An array of event types corresponding to the function in the same entry in the pFunctionsExit argument.

Valid event types are:

Example

Registering a user's exit function.

/* Sample of registering a user defined function that will be called prior
to CA ControlMinder password verification. (The user has configured in the registry the prefix PWD */
typedef int(*PFNEXIT)(void);
declspec(dllexport) int __stdcall PWD_RegisterExit(PFNEXIT pFunctionExit[],unsigned long* pEventTypes)
{
     pFunctionExit[0] = (PFNEXIT)MyExitFunc;
     pEventTypes[0] = AUTHXAPI_EV_PREVERPWD;
     return 0;
}

More information:

For UNIX

For Windows

Structure and Data Types

This section describes the data structures used by Exits API functions to pass information back and forth between the functions and the CA ControlMinder daemons/services. Which structure you use depends on the event being intercepted by your exit function.

The following describes each field of these data structures:

PFSeosExitFunc

Pointer to a function

SEOS_EXITLOGIN

Data structure for login events

SEOS_EXITGENR

Data structure for general resource check events

SEOS_EXITINET

Data structure for TCP/IP request events (UNIX only)

SEOS_EXITPASS

Data structure for password quality check and password change events

SEOS_EXITRES

Data structure for results being returned to CA ControlMinder after any event

SEOSDB_ODF

Data structure for definition of an object in the database (UNIX only)

SEOSDB_PDF

Data structure for definition of a property in the database (UNIX only)

SEOS_ACCESS

Encapsulates a single member of type SEOS_ACCS

SEOS_ACCS

Holds a list of access flags

SEOS_CID

Contains the class identification descriptor (UNIX only)

SEOS_OID

Contains the object identification descriptor (UNIX only)

SEOS_PID

Contains the property identification descriptor (UNIX only)

More information:

SEOS_ACCS Structure

SEOS_ACCESS Structure

SEOS_EXITLOGIN

The first parameter passed to exit functions linked to attempted login events is a pointer to the SEOS_EXITLOGIN structure. This structure contains information about the attempted login. The SEOS_EXITLOGIN structure can be found in the authxapi.h file.

uid_t luid

User ID of the user trying to log in.

char const *szUname

Name of the user trying to log in.

char const *szTerm

Name of the terminal from which the user is trying to log in. Set to NULL when CA ControlMinder starts up.

dev_t device

Device number of the program trying to log in.

ino_t inode

Inode number of the program trying to log in.

char const *szProg

Name of the program trying to log in. Set to NULL when not applicable.

SEOS_EXITGENR

The first parameter passed to exit functions linked to attempted general resource check events is a pointer to the SEOS_EXITGENR structure. This structure contains information about the user and resource being verified. The SEOS_EXITGENR structure can be found in the authxapi.h file.

char const *szClass

Name of the general resource class being accessed. Check only the classes you explicitly decide to verify, and ignore the others.

char const *szRes

Name of the resource being accessed.

uid_t uid

The UNIX or Windows user ID of the user attempting access. Set to ‑1 when not applicable.

int seos_handle

ACEE handle associated with the user attempting access. Negative if the user is not defined in CA ControlMinder; 0 or positive otherwise.

char const *szUserName

Name of the user attempting access.

dev_t device

Device number of the program attempting access. Set to 0 when not applicable.

ino_t inode

Inode number of the program attempting access. Set to 0 when not applicable.

char const *szTerm

Name of the terminal from which user is attempting access. If user is not at a local terminal, this is set to the remote host name.

SEOS_ACCESS access_info

An unsigned long integer representing the type of access requested.

char const *szProg

Name of the program attempting access. Set to NULL when not applicable.

More information:

SEOS_ACCS Structure