The Login Process |
![]() ![]() ![]() |
There are two stages to login; user authentication and process initialisation. The first applies only to network connections
User Authentication
On Windows NT and later, users connecting to QM via a network must enter a valid Windows username and password. The new process runs as that user and with the associated access permissions.
QM implements a further layer of security on top of the Windows authentication by maintaining a register of usernames allowed to use QM. A username may be added to this register using the CREATE.USER or ADMIN.USER commands. The register entry determines:
If security has been turned off and the username does not appear in the user register, the user runs without administrator rights and an account name prompt is displayed.
On Windows 98/ME, the above mechanism is extended such that QM performs the username and password validation using its own internal user register as these platforms do not provide an adequate user authentication system. The newly created process runs with the Windows user name and access permissions of the user that started the QMServer process.
On other platforms, users connecting to QM via a network usually open telnet sessions as normal users and then enter QM, perhaps automatically via their profile script. It is, however, possible to connect directly to QM in which case the security mechanisms described above for Windows NT and later apply.
Process Initialisation
When a user successfully enters an interactive QM session, the following steps occur:
For PDA users, the terminal type is set to pda.
For QMConsole users on Windows, the terminal type is set to qmterm.
For users entering QM from an operating command prompt on other platforms, QM looks for an environment variable named TERM and, if this is found, uses it to set the default terminal type. If this fails, vt100 is used by default.
In all cases except for PDA users, the terminal type can be changed later from within QM using the TERM command. When using AccuTerm, it is strongly recommended that the terminal types with the -at suffix (e.g. vt220-at) are used as these enable AccuTerm specific features such as the screen switching required for the full screen mode of the QMBasic debugger.
IF @TTY = 'phantom' THEN STOP at the relevant point in the paragraph. For a QMClient session, test for 'vbsrvr'. See @TTY for more details.
Step 4 above is also executed when the LOGTO command is used to move to a new account.
User specific process initialisation can be performed by testing the content of the @LOGNAME variable in the MASTER.LOGIN or LOGIN paragraphs. For example, IF @LOGNAME = 'ADMINISTRATOR' THEN ADMIN.STARTUP or even executing a user name dependant paragraph by a command of the form START.<<@LOGNAME>> |