Copyright Digital Equipment Corp. All rights reserved.

X_Authority_Files

   The X authority file is a binary data file that contains
   information used to authorize connections to the X server on a
   system running DECwindows Motif Version 1.3 or higher.

   Each time a client application attempts to connect to an X
   server system that uses an authorization protocol, it references
   the current X authority file to determine the appropriate
   authorization key to apply in order to authenticate the
   connection. Each authorization key consists of the protocol name
   and token, which can be one of the following depending on the
   protocol in use:

   o  MIT-MAGIC-COOKIE-1 + random numeric code

   o  MIT-KERBEROS-5 + encrypted string (cached separately)

   By default, an X authority file is created automatically the
   first time a user logs into a desktop on a system configured
   for MIT-MAGIC-COOKIE-1 or MIT-KERBEROS-5 authentication.
   The file is stored in that user's OpenVMS login directory
   (SYS$LOGIN:DECW$XAUTHORITY.DECW$XAUTH). Each time the user
   subsequently logs into a desktop on that system, a new
   authorization key is generated, passed to the X server, and
   written to the user's X authority file. This key controls access
   to the X server during the DECwindows Motif session.

   A separate X authority file can be manually defined on a server
   level (using the DECW$SERVER_XAUTHORITY symbol) for those client
   applications that require access to the X server outside of the
   normal DECwindows Motif login process.

   If the SECURITY extension is enabled, authorization keys can also
   be manually generated. Manually-generated keys can be used to
   further restrict server access. The generated key is stored in
   the X authority file on the client system overwriting any value
   already present for the specified display server. The key can be
   distributed to different client systems to allow connections
   to a specific server and can be revoked to stop subsequent
   connections.

   Generated keys are assigned an authorization ID that associates
   the key with the user who generated the key. As a result, only
   the user who generated the key can revoke the key.

Additional information available:

Format_of_File_Entries          Specifying_an_X_Authority_File