This section describes the user exits available with Natural Security. It contains information on:
The following logon-related user exits are available:
Note
The user exit LOGONEX4 is not related to Natural Security's regular logon
handling, but is only relevant in in conjunction with a logon of an RPC client to a
Natural RPC server in an RPC environment. It is described under RPC-Related User Exit below.
LOGONEX0, LOGONEX1, LOGONEX2,
LOGONEX3, LOGONEX5 and LOGONSX1 are Natural
subprograms which have to be stored in the library SYSLIB to be invoked.
The corresponding sources and object modules of these user exits are available in the
library SYSSEC under the following names:
| User Exit in SYSLIB | Sources and Object Modules in SYSSEC |
|---|---|
LOGONEX0
|
NOGONEX0
|
LOGONEX1 |
NOGONEX1 |
LOGONEX2 |
NOGONEX2 |
LOGONEX3 |
NOGONEX3 |
LOGONEX4 |
NOGONEX4 |
LOGONEX5 |
NOGONEX5 |
LOGONSX1 |
NOGONSX1 |
You can modify each of the user exits to suit your requirements. To do so, you make a
copy of NOGONEXn
(n = 0, 1,
2, 3 or 5), store it under the name
LOGONEXn, make your adjustments to it, and
then copy it into SYSLIB.
To ensure that the user exits are always present in SYSLIB, Natural Security
proceeds as follows: The installation procedure, after loading all modules into their
respective libraries, checks whether there already is a subprogram
LOGONEXn contained in SYSLIB. If
there is, it will be left untouched. If there is not, the object module of
NOGONEXn will automatically be copied from
SYSSEC to SYSLIB and stored there under the name
LOGONEXn. At the same time, this ensures that
your customized versions of the user exits are not accidentally overwritten by an
installation procedure.
The above also applies to the user exit LOGONSX1/NOGONSX1.
If the option Password phrases active in User Preset Values is set
to Y or A, LOGONEX0 (instead of LOGONEX1) is invoked by
the Natural Security logon program.
Unless modified, LOGONEX0 invokes the Natural Security logon screen (map
LOGONMX1 or dialog box GLOGONMX1; see Logon Screen / Logon Dialog
Box). By modifying LOGONEX0 you can invoke your
own logon screens.
LOGONEX0 supports the use of password phrases, that is, passwords
which are longer than 8 characters.
If the option Password phrases active in User Preset Values is set
to N, LOGONEX1 (instead of LOGONEX0) is invoked by the
Natural Security logon program.
Unless modified, LOGONEX1 invokes the Natural Security logon screen (map
LOGONM1 or dialog box GLOGONM1; see Logon Screen / Logon Dialog
Box). By modifying LOGONEX1 you can invoke your
own logon screens.
LOGONEX1 only supports the use of "regular" passwords of up
to 8 characters.
LOGONEX2 is invoked by the Natural Security logon program under any of the
following conditions:
when # is entered as the library ID (or is passed from
LOGONEX1 as library ID);
when no library ID has been specified for the logon and neither a default library nor a private library exists which could have been invoked (see also Logon Without Library ID in the section Logging On).
When LOGONEX2 is invoked, the user ID and password have already been
checked and found valid by the logon program. At this point, the Natural system variable
*USER contains a valid value, which may be used.
Unless modified, LOGONEX2 consists of nothing but an END
statement. On return to the logon program, a valid library ID must be passed to the
logon program, otherwise the logon will be rejected. Moreover, it is possible to return
one of possibly several IDs using which a user is linked to a library.
As the user ID/password check has already established the validity of the user-specific
logon data when LOGONEX2 is invoked, LOGONEX2 may be used to
implement additional user-specific procedures or to request user-specific data. For
example, the application programming interface SECNOTE may
be invoked to read user security notes.
When the logon program invokes LOGONEX1 or LOGONEX2, it
passes the parameters PUSERDUMMY1 and PUSERDUMMY2 to the
subprograms. Both parameters are provided for your use; their format/length is A8. You
may assign values to these parameters in LOGONEX1 and subsequently use
these values in LOGONEX2, as they are passed without modification from one
subprogram to the other.
LOGONEX3 is invoked by the Natural Security logon program under any of the
following conditions:
if there are mailboxes to be displayed;
if at least one of the parameters PUSERDUMMY1 or
PUSERDUMMY2, passed from LOGONEX1 or
LOGONEX2 respectively, is not blank.
LOGONEX3 is invoked immediately after a successful logon and before
control is passed from the logon program to the library invoked; when
LOGONEX3 is invoked, logon processing is completed except for the display
of the mailboxes.
If LOGONEX3 is left unmodified, it performs the subprogram calls necessary
for the display of mailboxes.
You may modify LOGONEX3 for one of the following purposes:
to suppress the display of mailboxes;
to have non-library-specific processing to be carried out immediately after a successful logon but before any library-specific transactions are executed.
LOGONEX5 is invoked by the Natural Security logon program whenever the
system command LOGOFF is executed.
This user exit is only available on Linux and Windows.
If the Authentication Type is set to "LDAP" in the
LDAP security profile,
LOGONSX1 - instead of LOGONEX1 - is invoked by the Natural
Security logon program.
Unless modified, LOGONSX1 invokes the Natural Security logon screen (map
LOGONSM1 or dialog box GLOGONS1; see Logon Screen / Logon Dialog
Box).
By modifying LOGONSX1 you can invoke your own logon screens.
The user exit LOGONEX4 is a Natural subprogram which is only used in an RPC
environment. It is invoked by the Natural Security RPC logon program after a successful
logon of an RPC client to a Natural RPC server.
Note
The logon of an RPC client to a Natural RPC server does not cause any of the
user exits described under Logon-Related User Exits (see above) to be invoked.
Invoking LOGONEX4 is always the last task performed by the logon program
when all other logon processing has been completed, and before an RPC service is
performed. At this time, the user ID and password have already been checked and found
valid by the logon program, and the Natural system variables *USER and
*LIBRARY-ID contain valid values, which may be used.
In conversational mode, the user exit is invoked when the conversation is started.
The input parameters for the user exit are the library ID and subprogram name. The output parameter of the user exit is a return code; this may be used to terminate the RPC logon with a non-zero return code. If this is the case, Natural issues error NAT1696 with reason code 10.
A sample source module for LOGONEX4 is available in the library
SYSSEC under the name NOGONEX4. To invoke the user exit, its
object module has to be stored under the name LOGONEX4 in the library
SYSTEM on the FNAT system file assigned to the RPC server. After copying it
to this library, the RPC server has to be restarted.
Once the user exit has been invoked, it remains active until the end of the RPC server session.
To deactivate the user exit, you have to first terminate the RPC server, and then remove
the object LOGONEX4 from the library SYSTEM.
Do not remove LOGONEX4 while an RPC server session using that FNAT
system file is still active, because this would make the RPC server session inoperable
(error NAT0082 would be issued at the next logon to the RPC server).
The library SYSSEC contains several other user exits:
| User Exit | Function |
|---|---|
NSCXXEX1
|
where
The object-type-specific |
NSCUSEX2 |
This user exit is invoked when you use the function Edit Group Members and
|
NSCXXEX3
|
where
The object-type-specific The sources of |
The parameters of these user exits are not modifiable.
For details, see the source codes of the user exits themselves.
