SECURITY Parameters

Client-wide variables that contain security parameters relevant for the access trace function of the authorization system.

The access trace function lets you log authorized and/or denied accesses in the categories login, privilege, host access and object access.

You can review the access trace function in the Administration perspective, provided that you have the required privileges. Each access results in a security message that informs about the access time, user, access category, host and the actual access. Host information is only available if the user is logged on to the AWI. Usually, you cannot retrieve host information for tasks that are activated at runtime.

If the access trace function is activated in the Client 0 variable, if an unknown user makes an attempt to log on to the system, the access denial is logged in Client 0.

Notes:

• Single assignments to variable values must be separated by commas
• Specify the variable values exactly as described. They are case sensitive
• Single assignments to values are not case sensitive.

SECURITY_AUDIT_FAILURE

• Description:

  The authorization system's access control management

• Allowed values:

  • HOST_ACCESS

    All the denied attempts to access a host are logged.

  • LOGON

    All the denied login attempts are logged.

  • OBJECT_ACCESS

    The denied attempts to access an object are logged.

  • USER_PRIVILEGES

    All denied user privileges are logged.

• Restart required:

  No

SECURITY_AUDIT_SUCCESS

• Description:

  The authorization system's access control management

• Allowed values:

  • HOST_ACCESS

    Authorized host accesses are logged

  • LOGON

    Authorized logins are logged

  • OBJECT_ACCESS

    Authorized object accesses are logged

  • USER_PRIVILEGES

    Authorized user privilege uses are logged

• Restart required:

  No

See also:

UC_CLIENT_SETTINGS - Various Client Settings