HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

231

232

233

234

235

236

237

238

239

240

Table 66 SQL Actions that Support Dynamic Authorization (continued)

DescriptionSQL action

Checks the database for sessions for which the

Disconnect or CoA requests cannot be sent after

RestoreDroppedSessions

updating the session_status attribute. For example,

if a HUP signal is received, all the requests are purged

from the queue. Under such circumstances, sessions that

are updated with DISCONNECT_INIT will not be

processed again. Checks in the database for such sessions

ensure that the sessions are restored to ACTIVE state.

Sends an Access-Reject and disconnects a session if

the session is not found in the session table. If the session

AuthorizeSession

is found, this SQL action sends an Access-Accept to

reauthorize the session with a new Filter-Id value.

The sqlaccess.config.dynauth_server_group Sample File

The sqlaccess.config.dynauth_server_group file contains the SQL actions required to

implement the dynamic authorization functionality for Disconnect and CoA requests when multiple

HP-UX AAA Servers are configured as a group. You can modify these SQL actions based on

requirements.

Table 67 lists the SQL actions listed in the sqlaccess.config.dynauth_server_group file

to support Dynamic Authorization.

Table 67 SQL Actions that Support Dynamic Authorization in Groups

DescriptionSQL Action

Creates a user session entry in the session table. This SQL action

is used only when multiple HP-UX AAA Servers are configured as

a group.

StartSessionServerGroup

Creates a row for the HP-UX AAA Server in the

RAD_SERVER_TABLE, if a row does not exist. If a row exists for the

UpdateServerTable

HP-UX AAA Server, the SQL action executes a stored procedure

that updates the row. A mapping function is used to retrieve a

unique server name.

Executes a stored procedure every second. The stored procedure

distributes the expired sessions among the live HP-UX AAA Servers

in the group.

DistributeDisconnectSessions

Queries the session table for sessions assigned to the HP-UX AAA

Server, to process Disconnect requests. The SQL action also uses

CreateDisconnectReqServerGroup

the information in the expired session to create a

Disconnect-Request. The SQL action implements the multi-row

functionality to retrieve all expired sessions using a single query.

Updates the status of the session entry to indicate that it is already

processed for Disconnect-Request. This SQL action is used

only when multiple HP-UX AAA Servers are configured as a group.

UpdateDisconnectReqServerGroup

Updates the status of the session entry to indicate that the

Disconnect-Request has timed out. This SQL action is used

only when multiple HP-UX AAA Servers are configured as a group.

TimeoutDisconnectReqServerGroup

Removes the session entry for which a Disconnect-ACK was

received.

CleanupDisconnectedSession

Removes the session entry after receiving Disconnect-ACK. Also,

releases the IP address of the first session entry that was removed.

CleanupDisconnectedSession-DHCP

238 Configuring the HP-UX AAA Server for Dynamic Authorization