ADC SG-1 - page 178

Appendix A: SG-1 Vendor-Specific Attributes June 30, 2006

A-20 SG1-UM-8500-03

service:auth-source

This sub-attribute defines the source name to be used when the POPmaestro authorizes or authenticates a service

with the RADIUS. The POPmaestro performs a RADIUS access request when a service is activated. The

service:auth-source attribute defines the source name to be used as the user-name in this request. The

authentication source can have one of the following values: user, service, or CLI. When the value is not service, the

POPmaestro includes the requested service name in the RADIUS access request message (see user:service-name

attribute). The authentication source default value is service. The attribute may be included only once in access-

accept message. When appearing more than once, the system will consider the last attribute appearance.

General:

Format:

adc-avpair = "service:auth-source=<service | user | CLI>",

Example:

adc-avpair = "service:auth-source=CLI",

service:data-quota

This sub-attribute defines the service session data quota measured in bytes. The POPmaestro monitors the session

to track the data quota usage. When a service runs out of quota (session quota termination event occurs), the

system activates the next-service-name if defined (see next-service-name definition). This is true in case that the

service authentication base is set to be service. Otherwise the POPmaestro activates reauthorization according to

the configured service:auth-base value (see service:auth-base definition). A service:data-quota attribute with a zero

value indicates the POPmaestro that the connected session has no data credit left and should be logged off. The

POPmaestro then disconnects the session. When a session is disconnected or when the service is exchanged, the

POPmaestro includes the service:data-quota attribute in the accounting message with the remainder data credit.

The attribute may be included only once in access-accept message. When appearing more than once the system

will consider the last attribute appearance.

General:

Format:

adc-avpair = "service:data-quota=<data quota in bytes>",

Operation Mode: Access-Accept message

Service-Accept message

Vendor-type: 53

Vendor-length = 2 + name length + (3 - 7)

Operation Mode: Access-Accept message

Access-Request message

Service-Accept message

Service-Request message

Accounting-Request messages

Vendor-type: 54

Vendor-length = 2 + name length + (1 - 10)