RADIUS
This module allows for authentication using an external Remote Authentication Dial-In User Service (RADIUS) server. The RADIUS Authentication attributes are realm attributes. The attributes are:
Server 1
Displays the IP address or fully qualified host name of the primary RADIUS server. The default IP address is 127.0.0.1. The field will recognize any valid IP address or host name. Multiple entries must be prefixed by the local server name as in the following syntax:
local_servername|ip_address local_servername2|ip_address ...
Server 2
Displays the IP address or fully qualified domain name (FQDN) of the secondary RADIUS server. It is a failover server which will be contacted if the primary server could not be contacted. The default IP address is 127.0.0.1. Multiple entries must be prefixed by the local server name as in the following syntax:
local_servername|ip_address local_servername2|ip_address ...
Shared Secret
Carries the shared secret for RADIUS authentication. The shared secret should have the same qualifications as a well-chosen password. There is no default value for this field.
Shared Secret Confirm
Confirmation of the shared secret for RADIUS authentication.
Port Number
Specifies the port on which the RADIUS server is listening. The default value is 1645.
Timeout
Specifies the time interval in seconds to wait for the RADIUS server to respond before a timeout. The default value is 3 seconds. It will recognize any number specifying the timeout in seconds.
Authentication Level
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication mechanism. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.
Note –
If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Authentication Level.
- © 2010, Oracle Corporation and/or its affiliates