System authentication uses the username and password of the operating system to authenticate clients. System authentication is configured in file.

The System authentication method gives every console operator an account on the host on which the server runs. By using this method:

  • Each console operator has a unique username and password.
  • Access to the system can be traced to a particular user.
  • Access can be individually revoked.
Note: The use of <SYS> for the password allows the use of common password administration across applications and avoids having the password appear in cleartext in the file in unencrypted installations.

This mechanism can readily be extended to provide similar controlled access for administrators. For example, you could add the following records to the serverConnect.conf file:

* : fred|george : <SYS> : All

* : * : <SYS> : Monitor

This example would grant the users “fred” and “george” All access, once they provide the passwords for their accounts on the host. Other users who provide the correct password are granted Monitor access.

You could even define a class of administrative users. For example, usernames that start with ADM are provided All access. All other users are provided Monitor access.

* : ADM* : <SYS> : All

* : * : <SYS> : Monitor

In console applications, the passwords are displayed as masked characters (*) to avoid displaying the passwords in cleartext.

Note: In order for console applications to prompt, the value <PROMPT> must be used for the Domain manager username and password in clientConnect.conf file.