ClearBox Server™ v1.2 Developer's Guide

IRADIUSAuthorization::GetAutorejectAttributes

Called by server to obtain from extension RADIUS list of AutoReject attributes. If any of attributes from request packet match any of these attributes, packet is rejected.

HRESULT GetAutorejectAttributes(
	[in] long tag,
	[in] USERINFOLITE * userInf,
	[out] unsigned long * attrNumOut,
	[out] RADIUS_ATTRIBUTE * * outpAttributes);

Parameters

tag
[in] Unique value identifying RADIUS packet in whose context this method is called.
userInf
[in] Describes user.
attrNumOut
[out] If extension returns AutoReject attributes, it must set this parameter to the number of attributes in array pointed by outpAttributes.
outpAttributes
[out] If extension returns AutoReject attributes, it must set this parameter to array of attributes allocated by calling CoTaskMemAlloc. F_NOVALUE flag can be set to any attributes to specify that attribute matching is made by their type only, disregarding attributes values.

Return Values

If extension returns error code, it is assumed that no attributes were returned.

Thread Safety

This method is called in context of WORK thread. (See Server Threads Model for details.) You should synchronize data which is shared with other threads.

Memory Management

Memory for userInf fields is allocated and freed by server, so extension must not change them.

Memory for outpAttributes may be allocated by extension and is freed by server.

Remarks

If any attributes are returned in outpAttributes, flags attribute field must be explicitly set to 0 or any appropriate value.

Example Code

This code will make RADIUS server reject user John if his station Id is 3284238.

STDMETHODIMP CTest::GetAutorejectAttributes(long tag,
	USERINFOLITE * userInf, unsigned long * attrNumOut,
	RADIUS_ATTRIBUTE * * outpAttributes)
{
	if (wcscmp(userInf->userName,L"John")==0)
	{
		*attrNumOut=1;
		*outpAttributes=reinterpret_cast<RADIUS_ATTRIBUTE*>(
			CoTaskMemAlloc(sizeof(RADIUS_ATTRIBUTE)));
			
		(*outpAttributes)[0].type=31; //"Calling-Station-Id" attribute
		(*outpAttributes)[0].valType=RADSTR;
		char forbidStat[]="32842387"
		(*outpAttributes)[0].strSize=sizeof(forbidStat);
		(*outpAttributes)[0].strValue=
			reinterpret_cast<RADIUS_ATTRIBUTE*>(
			CoTaskMemAlloc(sizeof(forbidStat)));
		memcpy((*outpAttributes)[0].strValue,forbidStat,sizeof(forbidStat));
		(*outpAttributes)[0].flags=0;
	}

	return S_OK;
}

See Also

IRADIUSAuthorization, RADIUS Attributes, Authorization concepts, RADIUS authorization

© 2001-2003 XPerience Technologies. www.xperiencetech.com

Created by chm2web html help conversion utility.