ClearBox Server™ v1.2 Developer's Guide

ITACACSRealmStripping

When to Implement

It's optional.

When to Use

It is implemented when server must proxy requests (via FOLLOW action) or distinguish between realms or determine username from TACACS+ packet content.

Methods in Vtable Order

ITACACSRealmStripping MethodsDescription
TACACSRealmStripAuthen
 Called by server to determine whether the request authentication packet will be forwarded and/or to strip user name and realm name from the packet content.
TACACSRealmStripAuthorAcct
 Called by server to determine whether the request authorization or accounting packet will be forwarded and to strip user name and realm name from the packet content.

Remarks

TACACS+ protocol was not designed to support proxy operation as it is used in RADIUS. ClearBox Server calls "forwarding" sending FOLLOW directive to the NAS (indicating that the TACACS+ server requests that authentication/authorization/accounting operation should be performed with an alternate server).

Library

Declared in <server installation path>\SDK\TACRADServer.tlb

See Also

Realms and packet forwarding, TACACS+ realm stripping and forwarding process

© 2001-2003 XPerience Technologies. www.xperiencetech.com

Created by chm2web html help conversion utility.