Additional check on cache user authorization
I need to perform additional checks before Cache user logins (let's say in a terminal for simplicity) and allow access only to those, who passed them. How do I do it?
After reading about delegated authentication in docs I created this ZAUTHENTICATE routine:
ZAUTHENTICATE(ServiceName,Namespace,Username,Password,Credentials,Properties) PUBLIC { #include %occErrors #include %occStatus quit $$$ERROR($$$GeneralError,"No access") }
and set Password and Delegated as Allowed Authentication Methods in %Service_Console (it's a windows install)
Expected result: no one can login via the terminal
Actual results: after entering cache user credentials in a terminal prompt user succsessfully logins but in this user plrofile there is:
Last Reason for Failing to Login: | ERROR #5001: No access |
---|
audit reports:
2016-02-24 10:10:00.046 | %System | %Login | LoginFailure | 7560 | dev | Error entering the application Programmer mode |