Username & Password

Username and password authentication.

The RADIUS client sends an Access Request which includes the username and password (or possibly username and one-time password if OATH tokens are used). The Fortified Integrity RADIUS server responds with either an Access Accept or Access Reject.

Configurable response messages can be used to further authorization on the client side.

RADIUS Authenticator Type: UsernamePassword | RadiusUsernamePassword

Common authenticator properties can be found in the common configuration section.

Name

Description

Default value

Mandatory

pipe

Username, password validation pipe id.

N/A

{  
    "id": "auth02",  
    "type": "UsernamePassword",  
    "config": {    
        "selector": {      
            "host": "127.0.0.1",      
            "attrs": []    
        },    
        "pipe": "uidpwdpipe"  
    }
}

Logging

Apart from system logging, event logging is done when an authentication is complete.

Event ids are:

RAD_000100, Authentication success using username and passWord
- IDENTIFIER (user trace id)
- DESTINATION_USER_NAME (username from incoming request)
- SOURCE_ADDRESS (ip address of device starting transaction)
- CUSTOMER_IDENTIFIER (if configured)
- TRANSPORT_PROTOCOL (RADIUS)
RAD_000101, Authentication failure using username and passWord
- IDENTIFIER (user trace id)
- DESTINATION_USER_NAME (username from incoming request)
- SOURCE_ADDRESS (ip address of device starting transaction)
- CUSTOMER_IDENTIFIER (if configured)
- TRANSPORT_PROTOCOL (RADIUS)

Data sent to PIPE

All RADIUS request data as strings with attribute name as key.

PreviousReject Authenticator NextUsername, Password & OTP

hashtagLogging

hashtagData sent to PIPE

Logging

Data sent to PIPE