Windows C User Exits › Windows Client Middleware User Exits › Windows Servers User Exits › TIRSECV—Security Validation Exit (Windows) › Purpose
Purpose
This security exit is called for every cooperative flow, regardless of the security type used. To facilitate security validation a flag indicating whether the security data is for a standard or enhanced buffer has been added. This exit is intended to provide the opportunity to validate enhanced security data while at the same time not impacting those using standard security. To this effect, the default code provided handles two possible conditions:
- For buffers containing standard security the client userid, client password, and security token fields are expected to be blank. The default behavior is for the exit to return SECURITY_USED, thus indicating that the request is authorized. The exit must be modified to return SECURITY_APPLICATION_ERROR if the intent is that all buffers contain enhanced security data.
- For buffers containing enhanced security the client userid, client password, and security token fields can or cannot contain data. The default behavior is for the exit to return SECURITY_NOT_USED, this indicating that no validation processing was attempted. The exit must be modified to validate the security data and set the relevant return code (return SECURITY_USED for an authorized user and SECURITY_APPLICATION_ERROR for a non authorized user). When returning SECURITY_APPLICATION_ERROR, this exit can provide an optional failure message, using the failure_msgbuffer contained within the TIRSECV_cmcb structure that will be presented to the client.
Copyright © 2015 CA Technologies.
All rights reserved.
|
|