TAC_AUTHORPARAMSData from TACACS+ authorization and accounting packet header. struct TAC_AUTHORPARAMS {
long clientIPAddress;
unsigned char authentication_method;
unsigned char privilege_level;
unsigned char authentication_type;
unsigned char authentication_service;
BSTR user;
BSTR realmName;
BSTR port;
BSTR remote_address;
};
Members
- clientIPAddress
- IP address of the TACACS+ client that sent the request packet (in
network byte order).
- authentication_method
- Authentication method used by the client to authenticate user.
Possible values are:
- TAC_PLUS_AUTHEN_METH_NOT_SET
- TAC_PLUS_AUTHEN_METH_NONE
- TAC_PLUS_AUTHEN_METH_KRB5 (Kerberos v5)
- TAC_PLUS_AUTHEN_METH_LINE (A fixed password associated with the line used to gain access)
- TAC_PLUS_AUTHEN_METH_ENABLE (A command that authenticates in order to grant new privileges)
- TAC_PLUS_AUTHEN_METH_LOCAL
- TAC_PLUS_AUTHEN_METH_TACACSPLUS (TACACS+)
- TAC_PLUS_AUTHEN_METH_GUEST (An unqualified guest authentication)
- TAC_PLUS_AUTHEN_METH_RADIUS (RADIUS)
- TAC_PLUS_AUTHEN_METH_KRB4 (Kerberos v4)
- TAC_PLUS_AUTHEN_METH_RCMD (Authentication provided via the R-command protocols from Berkeley Unix)
- privilege_level
- User's current level of privilege (number from to 15 inclusive).
- authentication_type
- Type of authentication that was performed.
Possible values are:
- TAC_PLUS_AUTHEN_TYPE_ASCII
- TAC_PLUS_AUTHEN_TYPE_PAP
- TAC_PLUS_AUTHEN_TYPE_CHAP
- TAC_PLUS_AUTHEN_TYPE_ARAP
- TAC_PLUS_AUTHEN_TYPE_MSCHAP
See Authentication methods for more details. - authentication_service
- Service through which the user authenticated.
Possible values are:
- TAC_PLUS_AUTHEN_SVC_NONE
- TAC_PLUS_AUTHEN_SVC_LOGIN
- TAC_PLUS_AUTHEN_SVC_ENABLE
- TAC_PLUS_AUTHEN_SVC_PPP
- TAC_PLUS_AUTHEN_SVC_ARAP
- TAC_PLUS_AUTHEN_SVC_PT
- TAC_PLUS_AUTHEN_SVC_RCMD
- TAC_PLUS_AUTHEN_SVC_X25
- TAC_PLUS_AUTHEN_SVC_NASI
- TAC_PLUS_AUTHEN_SVC_FWPROXY
- user
- User name.
- realmName
- User realm (if available, NULL otherwise).
- port
- Name of client port on which the authentication was done.
- remote_address
- User's remote location.
See AlsoTACACS+ authorization packet processing, TACACS+ accounting packet processing
© 2001-2003 XPerience Technologies. www.xperiencetech.com
|