ClearBox Server v1.2 Developer's Guide |
IRADIUSAuthentication::ChallengeDataReplyCalled when server receives response to its previous challenge-request. HRESULT ChallengeDataReply( [in] long tag, [in] long prevTag, [in] AUTHENTYPE authType, [in] USERINFOLITE * userInf, [in] RADIUS_ATTRIBUTE* stored, [out] RADAUTHENREPLY * authenRes); Parameters
Return ValuesIf extension returns error code, user is rejected. Thread SafetyThis method is called in context of WORK thread. (See Server Threads Model for details.) You should synchronize data which is shared with other threads. Memory ManagementMemory for userInf fields is allocated and freed by server, so extension must not change them. Memory for fields in stored parameter is allocated and freed by server. RemarksIf challenge response was received, but IRADIUSAuthentication is not implemented, user is rejected. stored attribute may be invalid (i.e. with zero type field) if requested attribute was not found or it has expired and has been deleted after time specified in Server Manager -> Server settings -> Agent settings -> Free lost RADIUS resources after... Example CodeThis code assumes that in response to first access packet challenge was sent with prompt to the user "Input your secret". If next request packet does not contain user's response in User-Password attribute or value he has entered is incorrect (does not match with hard-coded string "weexpectedit"), user is rejected. STDMETHODIMP CTest::ChallengeDataReply(long tag, long prevTag, AUTHENTYPE authType, USERINFOLITE * userInf, RADIUS_ATTRIBUTE stored, RADAUTHENREPLY * authenRes) { if (stored->type!=2) // It is not "User-Password" attribute { *authenRes=ACCESS_REJECT; return S_OK; } if (strncmp(reinterpret_cast<const char*>(stored->strValue), "weexpectedit",stored->strSize)==0) *authenRes=ACCESS_ACCEPT; else *authenRes=ACCESS_REJECT; return S_OK; } See AlsoIRADIUSAuthentication, IRADIUSAuthentication::GetChallengeResponseAttributes, Authentication concepts, RADIUS specific authentication © 2001-2003 XPerience Technologies. www.xperiencetech.com |
Created by chm2web html help conversion utility. |