Manualshelf

HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
241242243244245246247248249250
19 Oracle Authentication (Supported Using SQL Access)
IMPORTANT: The Oracle authentication module is deprecated in this release and will
be obsolete in the next release of the HP-UX AAA Server. The Oracle authentication
module is supported using SQL Access. HP recommends that you set up your HP-UX
AAA Server to interact with the Oracle database using the SQL Access feature. For
more details on implementing SQL Access, see Chapter 18: “SQL Access” (page 207) .
Oracle® authentication allows some user configuration to be stored in an Oracle
database. When dealing with a large number of users, this authentication type delivers
much higher server performance than the File or Unix-PW authentication types. In
addition to the user ID and password, this authentication type allows the server to add
information stored in the database to Access-Accept messages as reply items. It also
supports the servers load balancing feature.
The authentication type requires that you add user information to the Oracle database
by issuing SQL commands that write information to a table. A db_srv daemon, which
you must set up and run, provides the communication link between the AAA server
and the Oracle database.
NOTE: To use db_srv, you must purchase and install the Oracle development
package. The development libraries are needed to allow the db_srv program to run.
In addition, any environment setup required to allow Oracle to operate is also required
to allow the db_srv program to operate.
Related AATV Plug-In Modules And Processes
The FSM will call the AUTHENTICATE module, which calls the ORACLE authentication
module if Oracle has been specified as the authentication type in an authfile entry.
When the first Access-Request that requires Oracle authentication is received, the
ORACLE module forks a process as a single client. The module sends that and all
subsequent requests to this forked Oracle process, which communicates asynchronously
with thedb_srv daemon. After the Oracle process receives a request from the ORACLE
module, it uses an AUTH_NET_REQ data structure to send the request to the db_srv
daemon. The daemon performs the functions of an Oracle listener, waiting to receive
requests from the Oracle process.
248 Oracle Authentication (Supported Using SQL Access)