ClearBox Server v1.2 Developer's Guide |
IRADIUSAuthentication::GetChallengeResponseAttributesCalled by server after extension has returned ACCESS_CHALLENGE in response to IRADIUSAuthentication::CanAuthenticate method call, to obtain attributes to include in challenge packet. HRESULT GetChallengeResponseAttributes( [in] long tag, [in] AUTHENTYPE authType, [in] USERINFOLITE * userInf, [out] unsigned char * waitForAttribute, [out] unsigned long * attrNumOut, [out] RADIUS_ATTRIBUTE * * outpAttributes); Parameters
Return ValuesIf extension returns error code, it is assumed that no attributes were returned, but challenge-reponse is still sent. Thread SafetyThis method is called in context of WORK thread. (See Server Threads Model for details.) You should synchronize data which is shared with other threads. Memory ManagementMemory for userInf fields is allocated and freed by server, so extension must not change them. Memory for outpAttributes is allocated by extension and is freed by server. RemarksIf any attributes are returned in outpAttributes, flags attribute field must be explicitly set to 0 or any appropriate value. Example CodeThis code returns two attributes which must be included in challenge response packet. STDMETHODIMP CTest::GetChallengeResponseAttributes( long tag, AUTHENTYPE authType, USERINFOLITE * userInf, unsigned char * waitForAttribute, unsigned long * attrNumOut, RADIUS_ATTRIBUTE * * outpAttributes ) { *waitForAttribute=2; // We expect response in User-Password attribute if (authType==AT_PAP) { *attrNumOut=2; *outpAttributes=reinterpret_cast<RADIUS_ATTRIBUTE*&gr;( CoTaskMemAlloc(sizeof(RADIUS_ATTRIBUTE)*2)); (*outpAttributes)[0].type=18; // "Reply-Message" attribute (*outpAttributes)[0].valType=RADTXT; (*outpAttributes)[0].txtValue=SysAllocString( L"Please, re-enter your password"); (*outpAttributes)[0].flags=0; (*outpAttributes)[1].type=76; // "Prompt" attribute (*outpAttributes)[1].valType=RADINT; (*outpAttributes)[1].dwValue=0; // "No echo" value (*outpAttributes)[1].flags=0; } return S_OK; } See AlsoIRADIUSAuthentication, IRADIUSAuthentication::CanAuthenticate, IRADIUSAuthentication::ChallengeDataReply, Authentication concepts, RADIUS specific authentication © 2001-2003 XPerience Technologies. www.xperiencetech.com |
Created by chm2web html help conversion utility. |