User Validation Processing

Signon Processing › What is Signon Processing? › User Validation Processing

User Validation Processing

Dependencies

User validation processing is dependent on the following:

Whether signon processing is controlled externally, internally or not at all (OFF).
Whether IDMS resources are controlled externally or internally.
Whether an explicit or automatic signon is being done.
Whether the signon is occurring within the DC/UCF system or within a separate address space.

Internally Secured Signon

If signon processing is occurring within a DC/UCF system (whether explicit or automatic), the user must have been granted the SIGNON privilege on the DC/UCF system. If this condition is not satisfied, the user is not signed on and all subsequent security checks will fail.

The user being signed on must also have been defined in the user catalog with a CREATE USER statement, and, in the case of an explicit signon, the password specified must match the password associated with the user definition. If either of these conditions is not satisfied, the user is not signed on and all subsequent security checks will fail.

The user will also be signed on to the external security system if one or more IDMS resources are controlled externally. No password verification takes place for the external signon. If the external signon request fails, the user will not be signed on.

Externally Secured Signon

If signon is controlled externally, the user being signed on must be defined to the external security system. In the case of an explicit signon, the password must match the password associated with the user definition in the external security system or the PassTicket must be validated by the external security system. If the external signon request fails, the user is not signed on and all subsequent security checks will fail.

The user will also be signed on to the internal security system if one or more IDMS resources are controlled internally. No password verification takes place for the internal signon. If the internal signon request fails because the user is not defined to CA IDMS, processing will continue but subsequent security checks for internally controlled resources may fail since the user has no associated groups other than PUBLIC.

No Signon Security

If security for the SGON resource is 'OFF', the user will be signed on to the internal security system without password verification. Regardless of whether the user is defined in the user catalog, processing will continue.

The user will also be signed on to the external security system if one or more IDMS resources are controlled externally. The processing of the external signon request is the same as if signon processing were being controlled internally.