Summary of the Login Process
The SAE login process is summarized in the steps below. If any of the steps fail, the login process stops, and no subscriber session is created.
A login event occurs (see Login Events) and triggers the login process.
In case of a portal login, the SAE invokes the authentication plug-ins to authenticate the request.
The SAE invokes the subscriber classification script and provides to the script details about the login event (for example, interface name, subscriber IP address if available, login name if available, and login event type).
The script sends an LDAP query that uniquely identifies a subscriber entry in the directory to the SAE.
The SAE loads the subscriber entry from the directory and uses the entry to create a subscriber session in memory.
The SAE queries all configured authorization plug-ins about whether it should allow the login.
The SAE completes the login process by activating the subscriber’s activate-on-login subscriptions.