You can specify options and parameters for the sign-on procedure of your UTM application with the SIGNON control statement. The signing on of users is controlled by the SIGNON parameter.
The parameters UPIC, RESTRICTED and CONCURRENT-TERMINAL-SIGNON are only relevant if a sign-on service is generated.
If you enter an invalid value for the SIGNON operand, then KDCDEF uses the corresponding default value. This is currently done without outputting a corresponding message (see the following descriptions of the operands).
|
|
CONCURRENT-TERMINAL-SIGNON=%_value | ||||||||||||||
| This is only relevant when your application is generated with a sign-on service. You specify the percentage of users generated for which a sign-on service may be active at the same time in CONCURRENT-TERMINAL-SIGNON. openUTM attempts to allocate the necessary resources according to this specification. The value %_value is based only on sign-on services that are started for terminal users and TS applications. Default: 25 (%) If you enter a value < 1 or > 100 for %_value, KDCDEF sets the default value of 25 % without outputting a message. | ||||||||||||||
GRACE= | (Grace-Sign-On) | |||||||||||||
YES | The user can still change his or her password after the password validity period has expired. The table below shows how the individual client types behave when a password has expired and how this behavior depends on whether a sign-on service is activated.
1) The password can always be changed via the administration interface. By default, passwords with limited periods of validity are immediately set to "expired" when changes are made via the administration interface. If you want to prevent this, then you must explicitly request this in the administration interface. Note the following particularities after regeneration or change generation:
| |||||||||||||
NO | The user cannot change his or her password after the validity period has expired. The password may only be changed by an administrator after the validity period has expired. Default: NO | |||||||||||||
MULTI-SIGNON= | Specifies if a user may be signed on to the application multiple times under the same user ID simultaneously. The MULTI-SIGNON operand does not have any effect on the receiving and starting of asynchronous services via OSI TP. | |||||||||||||
YES | The following cases can arise:
| |||||||||||||
NO | Every user ID may only be signed on once, and no more than one dialog service can be active at a time for each user. Default: YES | |||||||||||||
OMIT-UPIC-SIGNOFF= | Specifies whether a user who has signed on over a UPIC connection remains signed on or not after the conversation has finished. | |||||||||||||
YES | If a user has signed on over a UPIC connection, they remain signed on after the conversation has finished. This user is only signed off
If no other user is passed in the UPIC protocol, no sign-on service is started before the UPIC conversation is started. If the application is generated without users, the user ID is never changed for an existing connection. In this case, therefore, a sign-on service is only started where necessary before the first conversation is started after the connection has been established. Default in UTM cluster applications. | |||||||||||||
NO | If a user has signed on over a UPIC connection, they are signed off after the conversation has finished. Default in standalone applications. | |||||||||||||
PW-HISTORY= | number Specifies if and how many password changes are to be maintained by openUTM in the password history.If you enter a value > 0 for number, then openUTM maintains a password history. number is the number of passwords for a user ID that are recorded by openUTM. If a user changes his or her password and if a maximum period of validity is generated for the password in the USER statement, then the new password must be different from the current password and the last number of passwords used by the user. number=0 means that openUTM will not maintain a password history. Default: 0 If you specify a value > 10 for PW-HISTORY, then KDCDEF sets it to the maximum value of 10. The password history only applies to the user; the administrator can change the password irrespective of the history. | |||||||||||||
RESTRICTED= | Specifies if DB calls and access to global UTM storage is prohibited in the first part of the sign-on service. | |||||||||||||
YES | DB calls and access to global UTM storage is prohibited in the first part of the sign-on service. | |||||||||||||
NO | DB calls and access to global UTM storage is permitted in the first part of the sign-on service. Default: YES | |||||||||||||
SILENT-ALARM= | number1 Specifies the number of unsuccessful sign on attempts that may occur one after the other via an LTERM partner or a terminal user. A silent alarm (message K094) is triggered when this number is exceeded. The message is output after number1 unsuccessful sign-on attempts in a row by a user or by a client. Default: | |||||||||||||
UPIC= | This is only relevant when a sign-on service is generated in your application. | |||||||||||||
YES | If a sign-on service is generated for the transport system end point (BCAMAPPL) via which the UPIC client has connected to the application, this is started before every UPIC conversation. | |||||||||||||
NO | No sign-on service is started for UPIC clients. Default: NO | |||||||||||||