Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
  
[+] Expand All
[-] Collapse All

Realm Selection Script Examples

Example 1: Querying Multiple SQL Databases

A common application of realm selection scripts is to query a database for information used to determine the realm name. If the database query fails, you can program the script to query other databases for the required information. In this example, the script defines two DataAccessor objects, each pointing to a different SQL database. It also defines AttributeFilter and RealmSelector objects.

When the script executes, it uses the AttributeFilter object to obtain the value of the Called-Station-ID attribute from the request. It uses this value as the key to look up a realm selection method name in the first SQL database. If the database record is not found, it retries the query on the second database.

The result of the database query is the name of a built-in Steel-Belted Radius Carrier realm selection method. The script then calls the RealmSelector.Execute() method to determine the realm name from the current request, which it returns as the script result.

Table 128 and Table 129 show sample data for the two databases:

Table 128: Database #1

CallStationId

RealmMethod

1111111

Suffix

2222222

Prefix

3333333

DNIS

4444444

Attribute-Mapping

Table 129: Database #2

CallStationId

RealmMethod

5555555

Suffix

6666666

Prefix

7777777

DNIS

8888888

Attribute-Mapping

Two data accessor .gen files are required. They are identical except for the MethodName and Connect settings.

[Bootstrap]
LibraryName=sqlaccessor.so
Enable=1
 
[Settings]
Connect=DSN=<dsn_name_here>;UID=<username_for_dB>;PWD=<password_for_dB>
ParameterMarker=?
SQL=SELECT RealmMethod FROM RealmExample1 WHERE CallStationId = @Called-Station-Id
MethodName=<RealmExample1-1 | RealmExample1-2>
MaxConcurrent=1
ConcurrentTimeout=30
ConnectTimeout=25
QueryTimeout=25
WaitReconnect=2
MaxWaitReconnect=360
PasswordFormat = 0
DefaultResults = 0
 
[Results]
RealmMethod= 1/16
 
[VariableTypes]
Called-Station-ID = string
RealmMethod = string

Finally, here is the script configuration file (.jsi) for this example. For script efficiency, you can use an initialization block to define persistent API objects.

[Settings]
LogLevel = 2
ScriptTraceLevel = 2
 
[Script]
// Initialization block
if (!this.initialized) {
filter = new AttributeFilter();
accessor1 = new DataAccessor("RealmExample1-1");
accessor2 = new DataAccessor("RealmExample1-2");
selector = new RealmSelector();
initialized = true;
}
else {
accessor1.Clear();
accessor2.Clear();
}
 
// Get the Called-Station-ID attribute from the request.
var csid = filter.Get("Called-Station-ID");
if (csid == null) {
SbrWriteToLog("RealmExample1: Called-Station-ID attribute is null");
return SCRIPT_RET_FAILURE;
}
accessor1.SetInputVariable("Called-Station-ID", csid);
accessor2.SetInputVariable("Called-Station-ID", csid);
 
// Try one database, then the other if the first search fails.
if (accessor1.Execute() == DataAccessor.FOUND) {
var method = accessor1.GetOutputVariable("RealmMethod");
}
else if (accessor2.Execute() == DataAccessor.FOUND) {
var method = accessor2.GetOutputVariable("RealmMethod");
}
else {
SbrWriteToLog("RealmExample1: SQL search failed for Called-Station-ID = '" + csid + "'");
return SCRIPT_RET_FAILURE;
}
 
// Execute the specified realm selection method and return the result.
SbrWriteToLog("RealmExample1: Executing method '" + method + "'");
var realm = selector.Execute(method);
return realm;
 
[ScriptTrace]
var = csid
var = method
var = realm

Example 2: Using JavaScript to Manipulate Request Attributes

In this example, an AttributeFilter object is used to obtain the User-Name attribute from the request. JavaScript string functions are used to extract the realm suffix decoration from the username. The suffix string is concatenated with the value of the Called-Station-Id attribute and is used to look up the realm name in a SQL database. The database query also returns the name of a profile to be merged with the result list upon successful authentication. The SetAuthProfile() function is called by the script to register the profile name.

This is an example database table for use with this script.

Table 130: Database Information

KeyString

RealmName

Profile

spacely1111111

spacely-realm1

SPACELY-PROFILE

spacely2222222

spacely-realm2

SPACELY-PROFILE

spacely3333333

spacely-realm3

SPACELY-PROFILE

spacely4444444

spacely-realm4

SPACELY-PROFILE

cogswell1111111

cogswell-realm1

COGSWELL-PROFILE

cogswell2222222

cogswell-realm2

COGSWELL-PROFILE

cogswell3333333

cogswell-realm3

COGSWELL-PROFILE

cogswell4444444

cogswell-realm4

COGSWELL-PROFILE

The corresponding data accessor .gen file is:

[Bootstrap]
LibraryName=sqlaccessor.so
Enable=1
[Settings]
Connect=DSN=<dsn_name_here>;UID=<username_for_dB>;PWD=<password_for_dB>
ParameterMarker=?
SQL=SELECT RealmName, Profile FROM RealmExample2 WHERE KeyString = @Key-String
MethodName=RealmExample2
MaxConcurrent=1
ConcurrentTimeout=30
ConnectTimeout=25
QueryTimeout=25
WaitReconnect=2
MaxWaitReconnect=360
PasswordFormat = 0
DefaultResults = 0
 
[Results]
RealmName = 1/32
Profile = 2/32
 
[VariableTypes]
RealmName = string
Profile = string
Key-String = string

 

The script configuration file is as follows.

[Settings]
LogLevel = 2
ScriptTraceLevel = 0
 
[Script]
 
// Allocate API objects at first execution.
if (!this.initialized) {
filter = new AttributeFilter();
selector = new RealmSelector();
accessor = new DataAccessor("RealmExample2");
}
else {
accessor.Clear();
}
 
// Get the realm suffix from the username attribute.
var suffix = "default";
var username = filter.Get("User-Name");
var index = username.lastIndexOf("@");
if (index >= 0) {
suffix = username.substring(index + 1);
}
 
// Get the Called-Station-ID attribute from the request.
var csid = filter.Get("Called-Station-ID");
if (csid == null) {
SbrWriteToLog("RealmExample2: Called-Station-ID attribute is null");
return SCRIPT_RET_FAILURE;
}
 
// Concatenate suffix and Calling-Station-ID string to the SQL search key.
accessor.SetInputVariable("Key-String", suffix + csid);
 
// Execute the data accessor and get realm name if search succeeds.
var realm;
if (accessor.Execute() == DataAccessor.FOUND) {
realm = accessor.GetOutputVariable("RealmName");
}
else {
SbrWriteToLog("RealmExample2: SQL search failed for key string '" + suffix + csid + "'");
return SCRIPT_RET_FAILURE;
}
 
// Set the profile to be merged after the authentication request.
var profile = accessor.GetOutputVariable("Profile");
selector.SetAuthProfile(profile);
 
// Return the realm name for processing the request.
return realm;
[ScriptTrace]
var = suffix
var = csid
var = realm
var = profile

 

Modified: 2018-01-11