Accounting Scenario

The Oracle® Enterprise Session Border Controller initiates the accounting session with an accounting REQUEST START. 

+-----------------------------------+
|           Common Header           |
|                                   |
|         type contains 0x3         |
+--------+--------+--------+--------+
| flags  |authen_ |priv_lvl|authen- |
|        |method  |        |type    |
|  0x02  |  0x05  |  0x00  |  0x01  |
|--------+--------+--------+--------+
|authen_ |user_len|port_len|rem_addr|
|service |        |        |_len    |
|  0X01  |    N   |    N   |    N   |
+----+---+--------+--------+--------+
|arg_cnt |arg1_len|arg2_len|arg3_len|
|    3   |    N   |    N   |    N   |
+--------+--------+--------+--------+
|                user               |
|    login name of an admin user    |
+-----------------------------------+
|                port               |
|               tty10               |
+-----------------------------------+
|              rem_addr             |
|         localhost address         |
+-----------------------------------+
|                AVP                |
|          task-id=13578642         |
+-----------------------------------+
|                AVP                |
|       start_time=1286790650       |
+-----------------------------------+
|                AVP                |
|           service=shell           |
+-----------------------------------+
  • The flags field contains an enumerated value ( 0x02 ) that identifies an accounting REQUEST START.
  • The authen_method field specifies the method used to authenticate the ACCOUNTING subject — 0x05 for TAC_PLUS_AUTHEN_METHOD_LOCAL (authentication by the client).
  • The priv_lvl field specifies the privilege level requested by the user — 0x00 for TAC_PLUS_PRIV_LVL_MIN.
  • The authen_type field specifies the authentication methodology — 0x01 for TAC_PLUS_AUTHEN_TYPE_ASCII (simple login).
  • The authen_ service field specifies the requesting service — 0x01 for TAC_PLUS_AUTHEN_SVC_LOGIN (login service).
  • The user_len field contains the length, in octets, of the user field.
  • The port_len field contains the length, in octets, of the port field.
  • The rem_addr_len field contains the length, in octets, of the rem_addr field.
  • The arg_cnt field contains the number of arguments in the message body.
  • The arg1_len field contains the length, in octets, of the task_id AVP.
  • The arg2_len field contains the length, in octets, of the start_time AVP.
  • The arg3_len field contains the length, in octets, of the service AVP.
  • The user field contains the login name of an admin user.
  • The port field contains the name of the Oracle® Enterprise Session Border Controller port on which authentication is taking place. Following Cisco Systems convention, this field contains the string tty10 .
  • The rem_addr field specifies the location of the user to be authenticated. This field contains the localhost address.
  • The arg1 field contains the mandatory task_id AVP.
  • The arg2 field contains the mandatory start_time AVP.
  • The arg3 field contains the mandatory service AVP.

The TACACS+ daemon returns an accounting REPLY reporting the status, indicating that accounting has started. 

+-----------------------------------+
|           Common Header           |
|                                   |
|         type contains 0x3         |
+-----------------+-----------------+
|  server_msg_len |     data_len    |
|        0        |        0        |
|--------+--------+-----------------+
| status |
|  0x01  |
+--------+
  • The server_msg_len and data_len fields both contain a value of 0 , as required by the TACACS+ protocol.
  • The status field specifies the authorization status — 0x01 for TAC_PLUS_ACCT_STATUS_SUCCESS (accounting processed).

The Oracle® Enterprise Session Border Controller reports ACLI command execution with an accounting REQUEST WATCHDOG. 

+-----------------------------------+
|           Common Header           |
|                                   |
|         type contains 0x3         |
+--------+--------+--------+--------+
| flags  |authen_ |priv_lvl|authen- |
|        |method  |        |type    |
|  0x08  |  0x05  |  0x00  |  0x01  |
|--------+--------+--------+--------+
|authen_ |user_len|port_len|rem_addr|
|service |        |        |_len    |
|  0X01  |    N   |    N   |    N   |
+----+---+--------+--------+--------+
|arg_cnt |arg1_len|arg2_len|arg3_len|
|    4   |    N   |    N   |    N   |
+--------+--------+--------+--------+
|arg4_len|           user           |
|        | login name of admin user |
+--------+--------------------------+
|                port               |
|               tty10               |
+-----------------------------------+
|              rem_addr             |
|         localhost address         |
+-----------------------------------+
|                AVP                |
|          task-id=13578642         |
+-----------------------------------+
|                AVP                |
|       start_time=1286790650       |
+-----------------------------------+
|                AVP                |
|           service=shell           |
+-----------------------------------+
|                AVP                |
|  cmd=configure terminal security  |
+-----------------------------------+
  • The flags field contains an enumerated value ( 0x08 ) that identifies an accounting REQUEST WATCHDOG.
  • The authen_method field specifies the method used to authenticate the ACCOUNTING subject — 0x05 for TAC_PLUS_AUTHEN_METHOD_LOCAL (authentication by the client).
  • The priv_lvl field specifies the privilege level requested by the user — 0x00 for TAC_PLUS_PRIV_LVL_MIN.
  • The authen_type field specifies the authentication methodology — 0x01 for TAC_PLUS_AUTHEN_TYPE_ASCII (simple login).
  • The authen_ service field specifies the requesting service — 0x01 for TAC_PLUS_AUTHEN_SVC_LOGIN (login service).
  • The user_len field contains the length, in octets, of the user field.
  • The port_len field contains the length, in octets, of the port field.
  • The rem_addr_len field contains the length, in octets, of the rem_addr field.
  • The arg_cnt field contains the number of arguments in the message body.
  • The arg1_len field contains the length, in octets, of the task_id AVP.
  • The arg2_len field contains the length, in octets, of the start_time AVP.
  • The arg3_len field contains the length, in octets, of the service AVP.
  • The arg4_len field contains the length, in octets, of the cmd AVP.
  • The user field contains the login name of an admin user.
  • The port field contains the name of the Oracle® Enterprise Session Border Controller port on which authentication is taking place. Following Cisco Systems convention, this field contains the string tty10 .
  • The rem_addr field specifies the location of the user to be authenticated. This field contains the localhost address.
  • The arg1 field contains the mandatory task_id AVP.
  • The arg2 field contains the mandatory start_time AVP.
  • The arg3 field contains the mandatory service AVP.
  • The arg4 field contains the mandatory cmd AVP.

The TACACS+ daemon returns an accounting REPLY reporting the status, indicating that the ACLI operation has been processed. 

+-----------------------------------+
|           Common Header           |
|                                   |
|         type contains 0x3         |
+-----------------+-----------------+
|  server_msg_len |     data_len    |
|        0        |        0        |
|--------+--------+-----------------+
| status |
|  0x01  |
+--------+
  • The server_msg_len and data_len fields both contain a value of 0 , as required by the TACACS+ protocol.
  • The status field specifies the authorization status — 0x01 for TAC_PLUS_ACCT_STATUS_SUCCESS (accounting processed).

The Oracle® Enterprise Session Border Controller reports an admin user logout or timeout with an accounting REQUEST STOP. 

+-----------------------------------+
|           Common Header           |
|                                   |
|         type contains 0x3         |
+--------+--------+--------+--------+
| flags  |authen_ |priv_lvl|authen- |
|        |method  |        |type    |
|  0x04  |  0x05  |  0x00  |  0x01  |
|--------+--------+--------+--------+
|authen_ |user_len|port_len|rem_addr|
|service |        |        |_len    |
|  0X01  |    N   |    N   |    N   |
+----+---+--------+--------+--------+
|arg_cnt |arg1_len|arg2_len|arg3_len|
|    3   |    N   |    N   |    N   |
+--------+--------+--------+--------+
|                user               |
|    login name of an admin user    |
+-----------------------------------+
|                port               |
|               tty10               |
+-----------------------------------+
|              rem_addr             |
|         localhost address         |
+-----------------------------------+
|                AVP                |
|          task-id=13578642         |
+-----------------------------------+
|                AVP                |
|        stop_time=1286790650       |
+-----------------------------------+
|                AVP                |
|           service=shell           |
+-----------------------------------+
  • The flags field contains an enumerated value ( 0x04 ) that identifies an accounting REQUEST STOP.
  • The authen_method field specifies the method used to authenticate the ACCOUNTING subject — 0x05 for TAC_PLUS_AUTHEN_METHOD_LOCAL (authentication by the client).
  • The priv_lvl field specifies the privilege level requested by the user — 0x00 for TAC_PLUS_PRIV_LVL_MIN.
  • The authen_type field specifies the authentication methodology — 0x01 for TAC_PLUS_AUTHEN_TYPE_ASCII (simple login).
  • The authen_ service field specifies the requesting service — 0x01 for TAC_PLUS_AUTHEN_SVC_LOGIN (login service).
  • The user_len field contains the length, in octets, of the user field.
  • The port_len field contains the length, in octets, of the port field.
  • The rem_addr_len field contains the length, in octets, of the rem_addr field.
  • The arg_cnt field contains the number of arguments in the message body.
  • The arg1_len field contains the length, in octets, of the task_id AVP.
  • The arg2_len field contains the length, in octets, of the start_time AVP.
  • The arg3_len field contains the length, in octets, of the service AVP.
  • The user field contains the login name of an admin user.
  • The port field contains the name of the Oracle® Enterprise Session Border Controller port on which authentication is taking place. Following Cisco Systems convention, this field contains the string tty10 .
  • The rem_addr field specifies the location of the user to be authenticated. This field contains the localhost address.
  • The arg1 field contains the mandatory task_id AVP.
  • The arg2 field contains the mandatory start_time AVP.
  • The arg3 field contains the mandatory service AVP.

The TACACS+ daemon returns an accounting REPLY reporting the status, indicating that accounting has terminated. 

+-----------------------------------+
|           Common Header           |
|                                   |
|         type contains 0x3         |
+-----------------+-----------------+
|  server_msg_len |     data_len    |
|        0        |        0        |
|--------+--------+-----------------+
| status |
|  0x01  |
+--------+
  • The server_msg_len and data_len fields both contain a value of 0 , as required by the TACACS+ protocol.
  • The status field specifies the authorization status — 0x01 for TAC_PLUS_ACCT_STATUS_SUCCESS (accounting processed).
Previous
Previous 		Next
Next
Go To Table Of Contents
Contents