submitconfirmuser

The submitconfirmuser() function controls whether or not a user must enter a password before the current task request is accepted. When this function is set, the user submitting the request is prompted for the password that is associated with the submit host username set in this function.

The user’s failure to provide the correct password does not automatically result in a rejection of the secured task request. The policy should examine the result of the submitconfirmuser() function and respond accordingly.

result = submitconfirmuser(user[, prompt[, attempts[, name, time]]]);
user Required. A string that contains a username that exists on the submit host.
prompt Optional. The prompt text for the password. The default is Enter password for <user>.
attempts Optional. The number of attempts that the user has to enter the correct password. The default value for attempts is 3.
name

Optional. The name of a persistent variable whose expiration determines the reauthenticate grace period. The value must start with a dollar sign ($), otherwise no grace period is set and submitconfirmuser() automatically prompts for a password.

If name is specified, the time parameter (below) is required.

time

Required if name argument (above) is specified). The expiry date (number of seconds) after which a prompt is forced. submitconfirmuser() returns true without prompting the user for a password if the persistent variable, defined by the name argument, exists and its expiry date, defined by time, has not been exceeded.

true Password matched.
false Password did not match.
result = submitconfirmuser(user, "Please enter the user's password:", 3);
if (result != 1) {
reject;
}

In this example, the prompt "Please enter the user’s password:" is displayed and the user is allowed three login attempts.

submitconfirmuser(user, "Passwd for "+user+": ", 3, "$gpvar5", 300);

In this example, a persistent variable gpvar5 is created at initial successful user authentication and for 5 minutes (300 seconds) thereafter, the user is not prompted for a password.