How Internal Plug-Ins Work
Plug-ins work with the SAE through events. Events such as subscriber logins and logouts, as well as service activation and deactivation, trigger the SAE to create event objects and send them to plug-in instances that are configured to receive the events. When a plug-in receives an event, it processes the event. For example, when a subscriber logs in, the SAE sends the username and password to an authentication plug-in that compares the username and password with data stored in a directory.
The plug-in configuration is made up of a plug-in pool and event publishers.
The plug-in pool consists of plug-in instances. A plug-in instance describes a particular plug-in that can handle events that it receives from the SAE. An authorization plug-in instance might be set up to perform RADIUS authentication when it receives a subscriber login event. A tracking plug-in instance might be set up to write accounting information to a file when it receives service session events.
For each type of plug-in you can create multiple instances that contain different configurations of the plug-in.
If you have multiple retailers, you might use different authentication methods and servers to authenticate each retailer’s subscribers. In this case you could set up an authentication plug-in instance for each retailer.
You could also set up a tracking plug-in instance to write certain accounting information to a file whenever it receives an event. Then you could set up another instance that writes different accounting information to a different file. You could then use one instance to track subscriber sessions and another to track service sessions. Or you could set up plug-in instances to track different types of services.
Event publishers tell the SAE which events to send to which plug-in instances. There are four types of event publishers. Each type determines the scope of events that are sent to plug-in instances.
Service-specific publishers—Authenticate subscribers of a particular service, authorize sessions for the service, and track subscriber activity related to the service
Retailer-specific publishers—Authenticate and track subscribers and authorize DHCP address allocations for subscribers who log in to the domain(s) of a particular retailer
Virtual router–specific publishers—Authenticate and track managed interfaces on a particular virtual router
Global publishers—Authorize all subscriber sessions, track all subscriber and service sessions, authorize DHCP address allocations for all DHCP subscribers, and authorize all subscribers to change their subscriptions; authenticate subscribers and authorize DHCP address allocations for subscribers who log in to a retailer domain for which no retailer-specific authentication plug-ins are specified; and track all router interfaces that the SAE manages
Each publisher can notify a number of plug-in instances when an event occurs, and each plug-in instance can be registered with a number of publishers.