Username & Password

Username and password authentication.

The RADIUS client sends an Access Request which includes the username and password (or possibly username and one-time password if OATH tokens are used). The Fortified Integrity RADIUS server responds with either an Access Accept or Access Reject.

Configurable response messages can be used to further authorization on the client side.

RADIUS Authenticator Type: UsernamePassword | RadiusUsernamePassword

Common authenticator properties can be found in the common configuration section.

Name Description Default value Mandatory

Name	Description	Default value	Mandatory
`pipe`	Username, password validation pipe id.	N/A

pipe

Username, password validation pipe id.

N/A

{  
    "id": "auth02",  
    "type": "UsernamePassword",  
    "config": {    
        "selector": {      
            "host": "127.0.0.1",      
            "attrs": []    
        },    
        "pipe": "uidpwdpipe"  
    }
}

Logging

Apart from system logging, event logging is done when an authentication is complete.

Event ids are:

RAD_000100, Authentication success using username and password
- IDENTIFIER (user trace id)
- DESTINATION_USER_NAME (username from incoming request)
- SOURCE_ADDRESS (ip address of device starting transaction)
- CUSTOMER_IDENTIFIER (if configured)
- TRANSPORT_PROTOCOL (RADIUS)
RAD_000101, Authentication failure using username and password
- IDENTIFIER (user trace id)
- DESTINATION_USER_NAME (username from incoming request)
- SOURCE_ADDRESS (ip address of device starting transaction)
- CUSTOMER_IDENTIFIER (if configured)
- TRANSPORT_PROTOCOL (RADIUS)

Data sent to PIPE

All RADIUS request data as strings with attribute name as key.

PreviousReject Authenticator NextUsername, Password & OTP