Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Types of Authentication Plug-Ins

    You can configure the authentication plug-ins described in Table 1. Because authentication and authorization are similar, the plug-in user interface does not distinguish between them. However, when you configure plug-ins, you need to set them up to perform the correct behavior, either authentication or authorization.

    You can configure multiple authentication plug-ins. The plug-ins are called in an arbitrary order, and each plug-in can return authorization values. (If multiple plug-ins return a session-timeout value, the smallest value is used.) Authentication or authorization succeeds if all plug-in calls succeed.

    Table 1: Authentication Plug-Ins



    Basic RADIUS authentication

    Sends authentication information to an external RADIUS authentication server or a group of redundant servers.

    Java class name—

    Custom RADIUS authentication

    Provides customized functions that can also be found in the flexible RADIUS authentication plug-ins. Custom plug-ins are internal plug-ins that are designed to deliver better system performance than the flexible RADIUS plug-ins. You can extend this plug-in by using the RADIUS client library.

    Java class name—

    Flexible RADIUS authentication

    Performs the same functions as the basic RADIUS authentication plug-in, but also lets you customize RADIUS authentication packets that the SAE sends to RADIUS servers. You can specify which fields are included in RADIUS authentication packets and what information is contained in the fields.

    Java class name—

    LDAP authentication

    Performs authentication against different directories using different authentication methods. There are two LDAP authentication plug-ins: one authenticates subscribers, and the second authenticates SRC administrators so that they can access the SAE Web Admin application.

    Java class name of the subscriber authentication plug-in—

    Java class name of the administrator authentication plug-in—

    Limiting subscribers

    Limits the number of authenticated subscribers who connect to an IP interface on the router.

    Java class name—

    Published: 2014-06-12