NAME

      mxauth - Systems Insight Manager Authorization file format


SYNOPSIS

      mxauth


DESCRIPTION

      The mxauth command supports reading and writing authorization
      information in the eXtensible Markup Language (XML) format. You may
      use this capability to add, or remove multiple authorizations in the
      Systems Insight Manager environment.  Each file may contain the
      definitions of one or more authorization.

    Document Type Definition
      The Document Type Definition (DTD) file defines the constraints for an
      XML file. These constraints include the valid element tags,
      attributes, and the cardinality of elements in an XML file. The
      authorization DTD file is named authlist.dtd and is included in the
      following paragraph.  Note that due to man page formatting, the DTD
      contents may not appear the same as in the file.

      <?xml version="1.0" encoding="UTF-8" ?>

      <!-- READ THIS FIRST! This file is intentionally formatted with a
	   right margin set at 70. This allows the DTD file to be pasted
	   directly into the mxauth(4) man page file. Please respect this
	   constraint when editing this file. After edits are final for
	   a given release, please paste the final DTD version in the
	   mxauth(4) man page to keep the documentation current. -->

      <!-- The authlist consists of 0 or more node-authorization or
	   node-group-authorization elements.
      -->
      <!ELEMENT auth-list ( node-authorization |
			    node-group-authorization )* >

      <!-- The node-authorization element is an empty element with three
	   attributes:
	   The user-name attribute specifies the user name portion of the
	   authorization and is required.
	   The toolbox-name attribute specifies the toolbox name portion of the
	   authorization. This attribute should be specified. If neither the role name
	   or the toolbox name is specified the authorization is invalid. If both are
	   specified, only the toolbox name is used.
	   DEPRECATED: The role-name attribute specifies the toolbox name portion of
	   the authorization. This attribute provides backward compability with
	   previous versions of this product but should not be used. Use the
	   toolbox-name in its stead.
	   The node-name attribute specifies the node name portion of the
	   authorization.
      -->
      <!ELEMENT node-authorization EMPTY >
      <!ATTLIST node-authorization user-name	CDATA #REQUIRED
				   toolbox-name CDATA #IMPLIED
				   role-name	CDATA #IMPLIED
				   node-name	CDATA #REQUIRED >

      <!-- The node-group-authorization element is an empty element with
	   three attributes:
	   The user-name attribute specifies the user name portion of the
	   authorization.
	   The toolbox-name attribute specifies the toolbox name portion of the
	   authorization. This attribute should be specified. If neither the role name
	   or the toolbox name is specified the authorization is invalid. If both are
	   specified, only the toolbox name is used.
	   DEPRECATED: The role-name attribute specifies the toolbox name portion of
	   the authorization. This attribute provides backward compability with
	   previous versions of this product but should not be used. Use the
	   toolbox-name in its stead.
	   The node-group-name attribute specifies the node group name
	   portion of the authorization
      -->
      <!ELEMENT node-group-authorization EMPTY >
      <!ATTLIST node-group-authorization user-name	 CDATA #REQUIRED
					 toolbox-name	 CDATA #IMPLIED
					 role-name	 CDATA #IMPLIED
					 node-group-name CDATA #REQUIRED >

    Elements
      As defined in the DTD, the authorization XML file may contain the
      following elements.

      The first line of an authorization XML file should be in the following
      format:

      <?xml version="1.0" encoding="encoding-value" ?>

      where the user substitutes a recognized encoding value for the
      encoding-value parameter.	 The recognized encoding values may be found
      at the following web site:

      http://www.iana.org/assignments/character-sets

      If no XML header line is specified, the system defaults encoding to
      "UTF-8".

      The "auth-list" element must appear once in an authorization XML file
      and wraps the list of authorization information. The "auth-list"
      element may contain zero or more "node-authoriztion" elements or zero
      or more "node-group-authorization" elements or a combination of both.
      Note that if the "auth-list" element contains no other elements, the
      mxauth command will execute with no effect.
      The "node-authorization" and "node-group-authorization" elements are
      both empty element, that is, they contain no other elements.
      Additionally, they both have three mandatory attributes.
      The "user-name" attribute is mandatory and specifies the user name
      associated with the authorization. The "user-name" attribute is part
      of both the "node-authorization" and "node-group-authorization"
      elements.
      The "toolbox-name" attribute is mandatory and specifies the toolbox
      name associated with the authorization. The "toolbox-name" attribute
      is part of both the "node-authorization" and "node-group-
      authorization" elements.
      The "node-name" attribute is mandatory and specifies the node name
      associated with the node authorization. The "node-name" attribute is
      part of the "node-authorization" element.
      The "node-group-name" attribute is mandatory and specifies the node
      group name associated with the node group authorization. The "node-
      group-name" attribute is part of the "node-group-authorization"
      element.

    Commenting
      Comments may be included in XML files.  The comment must begin with
      the characters "<!--" and end with the characters "-->". Comments may
      span multiple lines within the beginning and ending character tags.

    Examples
      This section contains an example of an authorization XML file.

      This example shows a file containing two node authorizations and one
      node group authorization. Note that XML ignores white space between
      elements and attributes so the spacing in the example is arbitrary.

      <?xml version="1.0" encoding="UTF-8"?>
      <auth-list>
	  <node-authorization user-name="root"
			      toolbox-name="operator"
			      node-name="scmlin28.fc.hp.com" />
	  <node-authorization user-name="root"
			      toolbox-name="dbadmin"
			      node-name="scmlin28.fc.hp.com" />
	  <node-authorization user-name="root"
			      toolbox-name="Master Toolbox"
			      node-name="scmlin28.fc.hp.com" />
	  <node-group-authorization user-name="root"
				    toolbox-name="dbadmin"
				    node-group-name="group1" />
      </auth-list>


LIMITATIONS

      This command may only be run on the CMS.



AUTHOR

      mxauth was developed by the Hewlett-Packard Company.


SEE ALSO for HP-UX

      mxauth(1M), mxuser(1M), mxtoolbox(1M), mxnode(1M), mxngroup(1M)


SEE ALSO for Linux

      mxauth(8), mxuser(8), mxtoolbox(8), mxnode(8), mxngroup(8)