HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

321

322

323

324

325

326

327

328

329

330

The client-request-init.grp.dynauth Sample File

The client-request-init.grp.dynauth is the sample client request init

policy file. The following actions are performed in this sample policy file:

1. The SQL actions, to be used to generate Disconnect and CoA requests, are set in

the attribute Client-Request-Create-ActionId.

2. The SQL actions, to be used to generate the session entry to indicate that it has just

been processed for Disconnect and CoA, are set in the attribute

Client-Request-Update-ActionId.

3. The SQL actions, to be used to update the session entry for which a Disconnect

or CoA request timed out, are set in the attribute

Client-Request-Timeout-ActionId.

4. The RADIUS message type of the request is set in the attribute

Interlink-Packet-Code.

5. For CoA, the Filter-Id attribute is set based on the time of the day.

The attribute Client-Action-Name is used to differentiate between Disconnect

and CoA requests.

The client-reply-ingress.grp.dynauth Sample File

The client-reply-ingress.grp.dynauth file is the sample client reply

ingress policy file. In this policy file, the SQL actions to be used to update the database

table for Disconnect-ACK response, Disconnect-NAK response, CoA-ACK response

and CoA-NAK response are set in the Client-Request-Cleanup-ActionId attribute.

The Interlink-Packet-Code attribute is used to determine the response type.

The sqlaccess.config.dynauth Sample File

Table 20-1 lists the SQL actions listed in the sqlaccess.config.dynauth file to

support Dynamic Authorization.

Table 20-1 SQL Actions that Support Dynamic Authorization

DescriptionSQL action

Queries the session table for sessions that have

exceeded their session-timeout limit, and uses

CreateDisconnectReq

the information in the expired session to create a

Disconnect-Request. Based on multi-row

functionality, this SQL action retrieves all expired

sessions using a single query.

Updates the status of the session entry to indicate

that the session is processed for

Disconnect-Request.

UpdateDisconnectReq

Updates the status of the session entry to indicate

that the Disconnect-Request timed out.

TimeoutDisconnectReq

322 Configuring the HP-UX AAA Server for Dynamic Authorization