On 2012-11-02 02:23, Paul_Koning at
Dell.com wrote:
On Nov 1, 2012, at 9:12 PM, Dave McGuire wrote:
On 11/01/2012 05:14 PM, Paul_Koning at
Dell.com wrote:
Hey Johnny...this is probably my DECnet inexperience showing...but
when I try to access MIM from RSTS/E, it prompts me for a username
and password. Should it do that? I get right in (for file
operations) from VMS.
RSTS always prompts for user ID for interactive logins. It will then
prompt for a password unless the account you asked for is set not to
require a password.
On the other hand, DECnet objects that work in the context of some
user (like FAL) can be set to have a default user ID that is used
when no access control parameters are included in the connect.
Ahh ok, I get it. That sounds very familiar; I know I've read about
it before. So you're saying that FAL on MIM's end would be set up with
a default user ID, or I'd configure something within DECnet on my end to
pass a default ID?
The former. The receiving end (MIM) decides what the access rules on that end are.
True, but it's not that simple in the end. :-)
Since FAL do have a requirement for authentication of some sort (and I'm not willing
to drop that), you need to present a user to RSX. VMS have this concept of a default user
if none is provided, RSX do not have this default user concept.
So far, things are easy and obvious.
There is one more thing that relates here, and that is proxy information, which noone (but
me) have mentioned so far. The source side of a DECnet connection can also pass on the
user identification of the source process to the destination, and the destination side can
map that remote user to any local user it wants to, thus getting the user identification
for the local system that way instead of having to explicitly pass username and password
in the connect request.
That is something of a shared responsibility between both sides, where both have to agree
on doing this, and the destination must also have a mapping for that remote user to a
local user in order for it to be accepted.
Now, I've set up a proxy user on MIM, which essentially maps *::* to the local user
DECNET, thereby creating something pretty similar to a default account. But it do require
that the connecting side sends proxy user information to MIM, or else it will not work.
But yes, in the end, the access rules are defined by the receiving end - MIM. But the
sending side needs to provide information one way or another.
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic
trip
email: bqt at softjar.se || Reading murder books
pdp is alive! || tryin' to stay hip" -
B. Idol