ClearBox Server™ v1.2 Developer's Guide

ICSVAccounting::SetLoggedAttributesNames

Server extension should call this method or SetLoggedAttributes (for RADIUS attributes only) to specify list of RADIUS or TACACS attributes that are logged into accounting logfile. It's necessary to call one of these methods prior to using LogRADPacketCSV, LogTACPacketCSV, LogRADPacketCSVEx or LogTACPacketCSVEx methods.

HRESULT SetLoggedAttributesNames(
	[in] unsigned long attributesNum,
	[in] BSTR * loggedAttributes,
	[in] VARIANT_BOOL radiusAttributes);

Parameters

attributesNum
[in] Number of elements in the array pointed by loggedAttributes parameter. This value must not be 0.
loggedAttributes
[in] Array of RADIUS or TACACS+ attributes names that should be logged when they are passed to LogRADPacketCSV, LogTACPacketCSV, LogRADPacketCSVEx or LogTACPacketCSVEx. RADIUS names are taken from the RADIUS dictionary of the server. Full list of RADIUS attributes can be found here, TACACS+ attribute-value pairs are listed here. This parameter must not be NULL, and any array member must not be NULL. This method is insensitive to the names case.

Besides RADIUS/TACACS+ attributes names, the so-called 'pseudo-names' can be passed. Here's the table of possible pseudo-attributes.

Pseudo attribute Meaning
@Time Current date and time
@Realm Realm of the user
@Username Username transformed in IRADIUSRealmStripping::RADIUSRealmStrip or ITACACSRealmStripping::TACACSRealmStripAuthorAcct
@NAS IP address of the NAS taken from the 'NAS-IP-Address' attribute of a request packet (is the same as @Client for TACACS+ packets)
@Client IP address of a client that has sent the packet

radiusAttributes
[in] Specifies whether loggedAttributes array contains names of RADIUS attributes (VARIANT_TRUE) or TACACS+ attribute names (VARIANT_FALSE).

Return Values

This method may return E_INVALIDARG if attributesNum=0, loggedAttributes=NULL, an array element is NULL or RADIUS attribute with a name specified is not found in the dictionary.

Thread Safety

This method can be called from any thread.

Memory Management

Server extension should allocate and free memory for loggedAttributes parameter.

Remarks

It's common case to call this method from ICommonExtenderEx::InitializeEx implementation.

Server maintains two separate lists for RADIUS and TACACS+ attributes, so call to this method with radiusAttributes set to VARIANT_TRUE (RADIUS attributes) doesn't affect list of TACACS logged attributes.

Example Code

This code uses m_pServer as IServer interface pointer stored in ICommonExtenderEx::InitializeEx implementation. It instructs the server that only 'User-Name', 'Acct-SessionTime' and 'Acct-Termination-Cause' RADIUS attributes will be logged together with current date and time (pseudo-attribute '@time').

ICSVAccounting* pAcc=NULL;
m_pServer->QueryInterface(IID_ICSVAccounting,(void**)&pAcc;
//QueryInterface will always succeed

BSTR* pNames=(BSTR*)CoTaskMemAlloc(sizeof(BSTR)*4);
pNames[0]=SysAllocString(L"@time"); // Current date and time
pNames[1]=SysAllocString(L"User-Name");
pNames[2]=SysAllocString(L"Acct-Session-Time");
pNames[3]=SysAllocString(L"Acct-Termination-Cause");

HRESULT hRes=pAcc->SetLoggedAttributesNames(4,pNames,VARIANT_TRUE);

for (int i=0;i<4;i++)
	SysFreeString(pNames[i]);

CoTaskMemFree(pNames);
// Call to  pAcc->Release() is not necessary

See Also

ICSVAccounting, Server services, CSV Accounting Logging, SetLoggedAttributes, LogRADPacketCSV, LogTACPacketCSV

© 2001-2003 XPerience Technologies. www.xperiencetech.com

Created by chm2web html help conversion utility.