HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

251

252

253

254

255

256

257

258

259

260

Pseudonym Database Update AATV

As a result of a full authentication, the database may require a new record for the

pseudonym information. If the database includes an existing set of pseudonym

information, the information needs to be updated or made invalid each time the HP-UX

AAA Server assigns a new pseudonym.

Update AATV Inputs

The input to the Update AATV is the set of VSA on the AUTHREQ_REPLY_QUEUE list

of the authreq. Table 17-14 describes the Pseudonym Database Update AATV

attributes.

Table 17-14 Vendor-Specific Attributes for Pseudonym Database Update AATV

DescriptionAttribute

A string attribute that contains the user's real identity. This

identity contains neither a prefix nor a realm. The identity can

Real-Username

be an IMSI constituting up to 15 decimal digits. If the HP-UX

AAA Server is configured to support non-IMSI real identities,

the identity can be a non-IMSI real username constituting up

to 253 characters.

A string attribute that contains the user's real realm. This realm

can differ from the realm portion of the User-Name attribute

Real-Realm

value. If the AT_IDENTITY attribute contains only a username,

but no realm, the Real-Realm attribute contains an empty

string value.

A string attribute that contains the value sent by the HP-UX

AAA Server during the current authentication. This value is

Last-Assigned-

Pseudonym-Username

also the value of the next pseudonym. This username contains

a pseudonym prefix, 2. However, no realm is associated with

it. The length of the identity, including the prefix, can be up

to 253 characters. If no new pseudonym is assigned, the update

AATV is not called.

A Unix epoch date attribute that contains the UTC time at

which Last-Assigned-Pseudonym-Username expires.

Last-Assigned-Pseudonym-Expiration-Time

This attribute is present only if the value of the

Last-Assigned-Pseudonym-Username attribute is present.

If the peer authenticated using a pseudonym, the

Last-Used-Pseudonym-Username attribute contains the

Last-Used-Pseudonym- Username

pseudonym value of the current authentication. This identity

contains a pseudonym prefix, 2. However, no realm is

associated with it. The length of the identity can be up to 253

characters. Otherwise, this attribute is not present.

A Unix epoch date attribute that contains the UTC time at

which Last-Used-Pseudonym-Username expires. This

Last-Used-Pseudonym-

Expiration-Time

attribute is present only if the

Last-Used-Pseudonym-Username attribute is present and

Pseudonym Identities 259