HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

251

252

253

254

255

256

257

258

259

260

1. Install the sample implementation. See the README files in the respective directory for the

supported environments at /opt/aaa/examples/sqlaccess/ for specific implementation

information.

Review the sample implementation, and note any modifications and customizations required

for your specific implementation. See “SQL Access Implementation Details” (page 254) for

information on the functionality provided by the sample implementation. If you need to

customize the sample implementation, continue with steps 2 to 5.

2. Create or modify the database tables based on your implementation of SQL Access. You can

use the sample schema provided in the sample configuration files located at /opt/aaa/

examples/sqlaccess/oracle-1/ or /opt/aaa/examples/sqlaccess/mysql-1

as a starting point.

3. Create or modify the /etc/opt/aaa/sqlaccess.config file. This file contains database

connection definitions, SQL action definitions, and an optional global definition. See

“sqlaccess.config File Configuration” (page 255) for detailed information on the

sqlaccess.config file structure.

4. Configure SQL Access execution based on your implementation:

• If SQL Access is used to retrieve user profiles, configure the SQL action for the desired

realm on the Local Realm screen in the Server Manager. See “Adding a Realm” (page 72)

for more information.

• If SQL Access is used for more advanced implementations, such as accounting and session

management, modify the Finite State Machine (FSM) radius.fsm file to specify the

execution of specific SQL actions for particular events. See “Finite State Table Configuration

in the FSM” (page 271) for more information. The sample implementation includes two

modified FSMs configured for accounting without session management and accounting

with session management using the SQL Access feature.

5. Restart the server. You can also send the kill -HUP signal to activate the SQL access

implementation while the AAA server is running if you have not modified the FSM. Refer to

“HUP Processing” (page 381) for details on the kill -HUP signal.

sqlaccess.config File Configuration

The sqlaccess.config file consists of the following definition types:

• An optional Global Definition;

• One or more database connection definitions (DBID) used to set up the database connection;

• One or more SQL action definitions that identify the input and output parameters and the SQL

statement for execution.

The sqlaccess.config file definitions are as follows:

/* Global Definition*/

[SQLMapConvLibs “path_to_lib:path_to_lib:…:path_to_lib”]

/*Database Connection Definition*/

DBID instance {

DBClient db_client_library_interface

[DBUser db_user]

[DBPassword db_user_password]

[ReconnectWaitTime reconnect_wait_time]

[ReconnectErrorCodes reconnect_err_code]

[OracleSID Oracle_db_instance]

[ODBCDatastore ODBC_db_instance]

}

Implementing SQL Access 255