ClearBox Server v1.2 Developer's Guide |
IRADIUSRealmStripping::RADIUSRealmStripCalled by server to determine whether the request packet will be proxy-forwarded, and/or to strip user name and realm name from RADIUS attributes. HRESULT RADIUSRealmStrip( [in] long tag, [in,out] USERINFOLITE * userInf, [in] VARIANT_BOOL authenPacket, [in] unsigned long attrNum, [in] RADIUS_ATTRIBUTE * attribList, [out] VARIANT_BOOL * forwardPacket, [out] FORWARDADDRESS * fwdAddress, [in, out] VARIANT_BOOL* const returnChangedName, [out] VARIANT_BOOL * nameOK); Parameters
Return ValuesIf extension returns error code and User-Name attribute string value is empty, user is. Thread SafetyThis method is called in context of WORK thread. (See Server Threads Model for details.) You should synchronize data which is shared with other threads. Memory ManagementMemory for userInf fields is allocated and freed by server, so if extension changes userName field, it must reallocate memory for it by calling SysReAllocString. If extension defines a realm for a user, it must allocate realmName field with realm name calling SysAllocString. Memory for attribList is allocated and freed by server. RemarksExtension may transform name of a user, and it will appear updated in all further calls to server extension methods. Example CodeThis code finds NAS-Id attribute in the packet first. If it is equal to hard-coded value "SomeAccessServer", extension instructs server to forward this packet to specified server. In all other cases extension finds '@' character in user's name. If there's no such character, user is rejected. If name is valid, it is replaced by first part (suffix) and treated as actual user name. STDMETHODIMP CTest::RADIUSRealmStrip(long tag, USERINFOLITE * userInf, unsigned long attrNum, RADIUS_ATTRIBUTE * attribList, VARIANT_BOOL * forwardPacket, FORWARDADDRESS * fwdAddress, VARIANT_BOOL* const returnChangedName, VARIANT_BOOL * nameOK) { *forwardPacket=VARIANT_FALSE; *nameOK=VARIANT_TRUE; BSTR nasID=NULL; for (int i=0;i<i++) { if (attribList[i].type==32) // If it is NAS-Identifier { nasID=SysAllocStringByteLen( reinterpret_cast See AlsoIRADIUSRealmStripping, Realms and packet forwarding, RADIUS authentication packet processing, RADIUS accounting packet processing, RADIUS packet forwarding © 2001-2003 XPerience Technologies. www.xperiencetech.com |
Created by chm2web html help conversion utility. |