HP-UX AAA Server A.08.00.01 Administrator's Guide
The HP-UX AAA Server receives AKA vector directly when the external storage
(typically an AuC) generates the vector. An AATV must be written for this. For
information on how to write an AATV, see Chapter 28 (page 437)
NOTE: The xstring field in the realm configuration must not have spaces.
SQL Access Authentication Type
To use the SQL Access authentication type, you must include the following entry in
the authfile :
eapakarealm.com –AKA SQLAccess ActionId=RetrieveAkaUser
Also, you must include the RetrieveAkaUser SQL action in the sqlaccess.config
file.
The following SQL Action RetrieveAkaUser is configured to return the subscriber
key, AKA Mode, and SQN. After successfully retrieving from a SQL compliant database
(db_oci) the SQL Action returns RETRIEVE_SUCCESS, else it returns
RETRIEVE_ERROR.
SQLAction RetrieveAKAUser {
{
input
RAD(Real-Username, REPLY) DBP(runame, 253, CHAR)
output
DBR(100:0) RET(RETRIEVE_ERROR)
DBR(-1:*) RET(ERROR)
DBC(subscriber_key, 64, CHAR) FUNC(StoreInSubscriberKey) AAAHexToBinaryString
DBC(aka_mode, 16, CHAR) FUNC(StoreInAkaMode) AAAHexToBinaryString
DBC(aka_sequence_num, 32, CHAR) FUNC(StoreInAkaSeqNum) AAAHexToBinaryString
DBR(0:0) RET(RETRIEVE_SUCCESS)
DBR(*:*) RET(RETRIEVE_ERROR)
SQLStatement db_oci {
SELECT subscriber_key, aka_mode, aka_sequence_num
FROM RAD_USERS_TABLE
WHERE user_name=:runame
}
}
}
NOTE: The subscriber_key, aka_mode, and aka_sequence_num columns
must be added in RAD_USERS_TABLE.
StoreInSubscriberKey, StoreInAkaMode, and StoreInAkaSeqNum are the
pre-defined mapping functions which stores the binary string into Subscriber-Key,
AKA-Mode, AKA-Sequence-Number attributes respectively and inserts these AV-Pairs
into AUTHREQ_REPLY_QUEUE.
For more information on SQL Access, see Chapter 22 (page 333).
236 Configuring EAP-SIM and EAP-AKA Authentication Methods