2.8 User authentication function

JP1/AJS3 - Definition Assistant uses the following two user authentication methods for connecting to the manager host:

Method in which the user authentication function is not used

This method creates a JP1 user name that is the same as the OS user name operating JP1/AJS3 - Definition Assistant for connection to the manager host.
Method in which the user authentication function is used

This method specifies a JP1 user name when JP1/AJS3 - Definition Assistant is used for connection to the manager host.

The following figure shows an overview of operation when the user authentication function is used and when it is not used.

Figure 2‒10: Overview of operation when the user authentication function is not used

Figure 2‒11: Overview of operation when the user authentication function is used

The following table shows the advantages and disadvantages of each method.

Table 2‒7: Advantages and disadvantages of using and not using the user authentication function
Whether the user authentication function is used	Advantages	Disadvantages
Not used	A JP1 user name does not need to be entered for an import or export operation.	Because a JP1 user and user mapping definition must be created on the manager host for each OS user who operates JP1/AJS3 - Definition Assistant, the number of JP1 users that must be managed increases.
Used	Because an existing JP1 user name can be used for operation, the number of JP1 users that must be managed can be reduced. Entry of a JP1 user name for each import and export operation improves security.	Because a JP1 user name must be entered for each import and export operation, the number of entry items for operation increases.

You can specify whether to use the user authentication function in the USERCHECKLEVEL environment settings parameter. By default, the user authentication function is not used. For details about the environment settings parameters, see 3.2.1 Settings for environment settings parameters.

Note that when the user authentication function is used, the AJS-SET-SERVERHOST environment settings parameter is enabled, and the same authentication method that is used in JP1/AJS3 - View can be used. In addition, if you start JP1/AJS3 - Definition Assistant from JP1/AJS3 - View, import can be performed by a JP1 user. When you start JP1/AJS3 - Definition Assistant from JP1/AJS3 - View 09-10 or later, the JP1 user name used to log on to JP1/AJS3 - View can be inherited to perform import.

The following figure shows operation when the user authentication function is enabled and JP1/AJS3 - Definition Assistant is started from JP1/AJS3 - View.

Figure 2‒12: Operation when JP1/AJS3 - Definition Assistant starts from JP1/AJS3 - View

When you want to inherit the JP1 user name used to log on to JP1/AJS3 - View in order to use the user authentication function to perform import, you need to specify the user name for Command during registration of JP1/AJS3 - Definition Assistant as a starting tool in JP1/AJS3 - View. For details about the registration method, see 3.1.7(2) Opening the definition information management template from JP1/AJS3 - View.

If you start JP1/AJS3 - Definition Assistant from JP1/AJS3 - View when the user authentication function is not used, you can use the OS user name to perform import.

The following table shows the JP1 users that can be used to operate JP1/AJS3 - Definition Assistant for each version of JP1/AJS3 - View according to whether the user authentication function is or is not used.

Table 2‒8: JP1 users to be used for operating JP1/AJS3 - Definition Assistant
JP1/AJS3 - View version	User name specification for Command in the Register Tools dialog box	Value of USERCHECKLEVEL	JP1 user to be used for operating JP1/AJS3 - Definition Assistant
09-10 or later	Specified	2	JP1 user name specified in the Import of unit definition dialog box
		1	JP1 user name used to log on to JP1/AJS3 - View
		0 or not specified (User authentication function not used)	Login OS user name
	Not specified	1 or 2	JP1 user name specified in the Import of unit definition dialog box
	Not specified	0 or not specified (User authentication function not used)	Login OS user name
Earlier than 09-10	-- (Cannot be specified)	1 or 2	JP1 user name specified in the Import of unit definition dialog box
Earlier than 09-10	-- (Cannot be specified)	0 or not specified (User authentication function not used)	Login OS user name

Note that if the user authentication function is used, specify the following settings.

The connected JP1/AJS3 version is earlier than 11-50:

You must register the JP1/AJS3 - Manager host name to the hosts file in JP1/AJS3 - Definition Assistant. (The settings for reverse DNS server lookup or settings in the hosts file are required.)

The connected JP1/AJS3 version is 11-50 or later:

When the environment settings parameter is disabled (the value of SERVERHOST-USE-REVERSELOOKUP is Y):: You must register the JP1/AJS3 - Manager host name to the hosts file in JP1/AJS3 - Definition Assistant. (The settings for reverse DNS server lookup or settings in the hosts file are required.)
When the environment settings parameter is enabled (the value of SERVERHOST-USE-REVERSELOOKUP is N):: No setting is required.

To Page Top