Application Integration Guide > Program Exits > Password Exit

Password Exit

The loginAn Automation Engine object type that stores account credentials used by agents on target systems. data of an AE userIn the Automation Engine, a user is an instance of a User object, and generally the user is a specific person who works with Automic products. The User object is assigned a user ID and then a set of access rights to various parts of the Automation Engine system and product suite. These access rights come in the form of Automation Engine authorizations and privileges, Decision user roles and EventBase rights and ARA web application object rights. You can manage all these centrally in the ECC user management functions. See also, Unified user management. contains information about the clientA closed environment within an Automation Engine system where you can create and run objects. A client name consists of a 4-digit number that must be indicated when a user logs on to the Automation Engine system. Users and their rights are also defined in clients. A particular Automation Engine object type., user nameName of the Automation Engine user., departmentDepartment name to which the Automation Engine user belongs. and passwordA secret combination of characters for a Automation Engine user.. During the authentication process AE compares the login information that is entered with the stored user data. Depending on the result of this comparison, access is either granted or denied.

Also, the Automation EngineThis component drives an Automation Engine system and consists of different types of server processes. provides a password exit which can be used to verify or - where necessary - reject attempts to log on to the AE system via a custom-developed program library. The password exit is called for any type of AE user logon (UserInterfaceThis is the Automation Engine's graphical user interface. [Formerly called the "Rich Client", "RichGUI" and "Dialog Client."], CallAPIA programming interface that processes a script in the Automation Engine system. It can be called directly from within the program itself or from a different program.).

When using the password exit for verifying user authentication, the AE-specific authentication information (users with the appropriate rights and privileges) must be available in the AE system.

Requirements

It is necessary to implement a program library which contains the following C functions:

Description

Data type of return codeThe value that represents the result of tasks and script functions.

C functionPre-defined run book template in the Automation Engine. One single step only, e.g. Start Windows Service, Copy file,…

Is called in all work processes (WP) when the Server starts. The password exit is not active if this function ends on a return code unequal zero. No more calls are made.

long

XUC4PASS_Open(AE system, parameter, callback function)

Data type of AE system: char*
Data type of  parameters: char*
Data type of callback function: void*

Use the callback function to print text outputs in the Automation Engine's log file. Define the callback function as shown below:

typedef void (WINAPI *UC4_LOGTEXT)(char *pText);

It is called in all work processes (WP) when the Server has ended provided the exit could successfully be opened.

long

XUC4PASS_Close()

Is called in the current primary work processIt is responsible for the execution of Automation Engine-internal tasks and work processes. (PWP) with each AE login. This function must return a return code of the following table.

long

XUC4PASS_Execute(client, user name, department, password, language, computer name, login type, length of output area, output area)

Data type of client: int
Data type of user name: char*
Data type of department: char*
Data type of  password: char*
Data type of  language: char (possible values: "D", "E" and "F")
Data type of computer name: char*
Data type of the login type: char (possible values: "D" - Dialog, "C" - CallAPI, "W" - WebInterfaceDeprecated Term., "A" - ApplicationInterface, "U" - Utility)
Data type of output area length: int
Data type of output area: char*

The output area is any text which is output in the message box after successful logon. Only login via UserInterface or WebInterface has the effect that this text is displayed. It can be read with the ApplicationInterface.

Note that the text must not exceed the length of the output area.

The function XUC4PASS_Execute is synchronously called with each login. A long processing time in this function blocks the PWP for other tasks.

Return codes of the function XUC4PASS_Execute:

Value

Constant

Description

0

XUC4PASS_EXECUTE_EXIT_OK
XUC4PASS_EXECUTE_EXIT_AUTHENTICATED

User was successfully authenticated. The password will be saved afterwards as user password in the databaseA database is an organized collection of data including relevant data structures..

1

XUC4PASS_EXECUTE_EXIT_DENIED

User was not successfully authenticated (e.g. wrong password was used).

2

XUC4PASS_EXECUTE_EXIT_DENIED_LOCK

User is blocked.

3

XUC4PASS_EXECUTE_EXIT_INACTIVE

The password exit has not checked the user.

4 PEXIT_RETCODE_AUTHENT_NO_PASSWORD The password is valid, but will not be saved in the database after authentication.

A sample implementation is available in the delivery directory SystemExit\xuc4pass. It includes makefiles that can be adjusted according to the applicationAn application is a software which helps a user to fulfill specific tasks. In the context of ARA see also: Application entity. development.

The password exit has a higher priority than the LDAP connection if both are activated. If the states "authenticated" or "access denied" are returned, the LDAP connection is not called at all. It is only called if the password exit is inactive or has been deactivated.


Installation Procedure

Automic strongly recommends copying the generated library to the Server installation directory.

Information about the Password Exit is available in the  System Overview.

 

See also:

variable UC_SYSTEM_SETTINGS
Encoding Passwords

 


Automic Documentation - Tutorials - Automic Blog - Resources - Training & Services - Automic YouTube Channel - Download Center - Support

Copyright © 2016 Automic Software GmbH