ClearBox Server v1.2 Developer's Guide |
ICommonExtender::GetClientConnectionKeyThis method is called when server needs to know secret key shared with
specified client and HRESULT GetClientConnectionKey( [in] long clientIPAddr, [in] VARIANT_BOOL tacConnection, [in] VARIANT_BOOL authenPacket, [out] BSTR * connKey); Parameters
Return ValuesIf extension returns code other than S_OK, it is assumed that key was not found. Thread SafetyThis method is called in context of RAD, TAC, WORK and PROX threads. (See Server Threads Model for details.) You should synchronize data which is shared with other threads. Memory ManagementExtension must allocate memory for connKey by SysAllocString if it wants to return key or set it to NULL otherwise. RemarksIf connKey is not set (extension did not provide a key) and tacConnection=VARIANT_FALSE, RADIUS packet is discarded. If connKey is not set (extension did not provide a key) and tacConnection=VARIANT_TRUE and TACACS+ security settings require the key, TCP connection with TACACS+ client is closed. ClearBox Server allows to maintain separate secrets for RADIUS authentication and accounting ports. Example CodeThis code returns two different keys for authentication and accounting RADIUS clients, ignoring IP address of client. No key is returned for TACACS+ clients. STDMETHODIMP CTest::GetClientConnectionKey(long clientIPAddr, VARIANT_BOOL tacConnection, VARIANT_BOOL authenPacket, BSTR * connKey) { if (tacConnection==VARIANT_FALSE) // It is RADIUS packet { if (authenPacket==VARIANT_TRUE) *connKey=SysAllocString(L"myauthenticationsecret"); else *connKey=SysAllocString(L"myaccountingsecret"); } else *connKey=NULL; //We don't deal with TACACS+ clients return S_OK; } See AlsoICommonExtender, RADIUS secrets, TACACS+ secrets © 2001-2003 XPerience Technologies. www.xperiencetech.com |
Created by chm2web html help conversion utility. |