Security Exit Messages
The security exit contains four types of messages:
- GENERATE_MSG
- GENERATE_REPLY_MSG
- VALIDATE_MSG
- VALIDATE_REPLY_MSG
GENERATE_MSG
IBM Connect:Direct sends a generate message to the user exit program at the start of a session to establish a security environment. The PNODE sends the GENERATE_MSG to the security exit to determine a user ID and security token to use for authentication on the SNODE. The GENERATE_MSG contains:
- Submitter ID
- PNODE ID
- PNODE ID password, if user specified one
- SNODE ID
- SNODE ID password, if user specified one
- PNODE name
- SNODE name
GENERATE_REPLY_MSG
The user exit program sends a reply message to IBM Connect:Direct. The GENERATE_REPLY_MSG contains:
- Status value of zero for success or non zero for failure
- Status text message (if status value is failure, status text message is included in the error message)
- ID to use for security context on the SNODE side (may or may not be the same ID as in the generate message)
- Security token used in conjunction with ID for security context on the SNODE side
VALIDATE_MSG
IBM Connect:Direct sends a validate message to the user exit program. The SNODE sends the VALIDATE_MSG to the security exit to validate the user ID and security token received from the PNODE. The VALIDATE_MSG contains:
- Submitter ID
- PNODE ID
- PNODE ID password, if user specified one
- SNODE ID
- SNODE ID password, if user specified one
- PNODE name
- SNODE name
- ID to use with security token
- Security token (password, PASSTICKET, or other security token)
VALIDATE_REPLY_MSG
The user exit program sends a reply message to the IBM Connect:Direct VALIDATE_MSG. The VALIDATE_REPLY_MSG contains:
- Status value of zero for success or non zero for failure
- Status text message (if status value is failure, status text message is included in the error message)
- ID used for security context
- Security token to use in conjunction with ID for security context