Server logon exit point
You can control the authentication of users to a TCP/IP application server with the TCP/IP application server logon exit point.
This exit point allows server access based on the originating session's address. It also allows you to specify an initial working directory that is different from those that are in the user profile.
When you add an exit program to the exit point, the server calls the logon exit program each time a user attempts to log on. The exit program sets the return code output parameter to indicate whether the server continues the logon operation. Alternate return code settings are available for modifying the logon process and initializing directory information.
The i5/OS exit point for REXEC server logon is QIBM_QTMX_SVR_LOGON.
- The TCPL0100 exit point format controls the following logon
operations:
- Ability to accept or reject a logon
- Control of the user profile, password, and current library
- The TCPL0300 exit point format extends the TCPL0200 format (the TCPL0200 format is not implemented by REXEC) so that you can use i5/OS enhanced password support and the additional parameters to enable coded character set identifier (CCSID) processing for password and directory name fields. In addition, when the user for the session has been authenticated with a client certificate, the exit program receives the client certificate.
- Only one exit program can be registered for the REXEC server logon exit point. You must decide which of the available exit point formats you want to use.
- For all character parameters in exit point formats TCPL0100 and TCPL0300, and all character parameters without an associated CCSID in exit point format TCPL0300: Character data passed to the exit program is in the CCSID of the job. If the job CCSID is 65535, the character data is in the default CCSID of the job. Any character data that is returned by the exit program in these parameters is expected to be in this same CCSID.