Authentication START Packet
The Oracle® Enterprise Session Border Controller, acting as a TACACS+ client, sends an authentication START packet to the TACACS+ daemon to initiate an authentication session. The daemon must respond with a REPLY packet.
The authentication START packet format is as follows.
+-----------------------------------+ | Common Header | | | | type contains 0x1 | +--------+--------+--------+--------+ |action |priv_lvl|authen_ |service | | | |type | | |--------+--------+--------+--------+ |user_len|port_len|rem_addr|data_len| | | |_len | | +--------+--------+--------+--------+ | user ... | +-----------------------------------+ | port ... | +-----------------------------------+ | rem-addr ... | +-----------------------------------+ | data ... | +-----------------------------------+
action
This 8-bit field contains an enumerated value that identifies the requested authentication action. For the current TACACS+ implementation, this field always contains a value of 0x01 , indicating user login authentication.
priv_lvl
This 8-bit field contains an enumerated value that identifies the privilege level requested by an authenticating user. For the current TACACS+ authentication implementation, this field always contains a value of 0x01 , indicating the user level.
authen-type
This 8-bit field contains an enumerated value that identifies the authentication methodology. Supported values are as follows:
0x01 ASCII — simple login, Oracle® Enterprise Session Border Controller prompts for username and password
0x02 PAP — as specified in RFC 1334
0x03 CHAP — as specified in RFC 1994
service
This 8-bit field contains an enumerated value that identifies the service requesting the authentication. For the current TACACS+ implementation, this field always contains a value of 0x01 , indicating user login authentication.
user_len
This 8-bit field contains the length of the user field in octets.
port_len
This 8-bit field contains the length of the port field in octets. As the port field is not used in the current TACACS+ authentication implementation, the port_len field always contains a value of 0 as specified in Section 4 of the TACACS+ draft RFC.
rem_addr_len
This 8-bit field contains the length of the rem_addr field in octets. As the rem_addr field is not used in the current TACACS+ authentication implementation, the rem_addr_len field always contains a value of 0 as specified in Section 4 of the TACACS+ draft RFC.
data_len
This 8-bit field contains the length of the data field in octets.
user
This variable length field contains the login name of the user to be authenticated.
port
This variable length field contains the name of the Oracle® Enterprise Session Border Controller port on which authentication is taking place. Following Cisco Systems convention, this field contains the string tty10 .
rem_addr
This variable length field contains the location of the user to be authenticated. This field contains the localhost address.
data
This optional variable length field contains miscellaneous data.