cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # The contents of this file are subject to the terms of the Common Development and
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # Distribution License (the License). You may not use this file except in compliance with the
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # specific language governing permission and limitations under the License.
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # When distributing Covered Software, include this CDDL Header Notice in each file and include
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # Header, with the fields enclosed by brackets [] replaced by your own identifying
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # information: "Portions copyright [year] [name of copyright owner]".
cb241c1aa2096e51864b45398cc15850b0ce4d8cjamiebowen # Copyrighted 2015 Intellectual Reserve, Inc (IRI)�
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamura # Portions Copyrighted 2016 Nomura Research Institute, Ltd.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenradius-server-service-description=RADIUS Server
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowena-radius-listener-enabled-label=Enabled
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowena-radius-listener-enabled-label.help=The RADIUS Server will only open a port and listen for requests when enabled.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie BowenchoiceYES=YES
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenb-radius-port=Listener Port
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenb-radius-port.help=The UDP port on which each OpenAM server will listen for RADIUS Access-Request packets
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamurab-radius-port.help.txt=According to the RADIUS Authentication Specification, <a href="http://tools.ietf.org/html/rfc2865" \
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamura target="_blank">RFC 2865</a>, the officially assigned port number for RADIUS is 1812. We allow values from 1025 up to \
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamura 65535. Requests for all Clients are handled through the same port.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenc-radius-thread-pool-core-size=Thread Pool Core Size
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenc-radius-thread-pool-core-size.help=Click the Info icon for details from ThreadPoolExecutor javadoc.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenc-radius-thread-pool-core-size.help.txt=When a RADIUS request is received and fewer \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenthan corePoolSize threads are running, a new thread is created to handle the request, even if other worker threads \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenare idle. If there are more than Pool Core Size but less than Pool Max Size threads running, a new thread will be \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowencreated only if the queue is full. By setting Pool Core Size and Pool Max Size the same, you create a fixed-size \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenthread pool. Limited from 1 to 100.<br/><br/>
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowend-radius-thread-pool-max-size=Thread Pool Max Size
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowend-radius-thread-pool-max-size.help=See notes and range restrictions for Thread Pool Core Size.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowene-radius-thread-pool-keepalive-seconds=Thread Pool Keep-Alive Seconds
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowene-radius-thread-pool-keepalive-seconds.help=Click the Info icon for details from ThreadPoolExecutor javadoc.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowene-radius-thread-pool-keepalive-seconds.help.txt=If the pool currently has more than Thread Pool Core Size threads, \
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamuraexcess threads will be terminated if they have been idle for more than the Keep-Alive Seconds. Limited from 1 to 3600.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenf-radius-thread-pool-queue-size=Thread Pool Queue Size
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenf-radius-thread-pool-queue-size.help=Number of request that can be queued for the pool. Click the Info icon for details.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenf-radius-thread-pool-queue-size.help.txt=The number of requests that can be queued for the pool before further requests \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenwill be silently dropped. See notes for Thread Pool Core Size on the interplay with Pool Max Size. Limited from 1 to 1000.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenclient-config-instance=Radius Client
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowena-client-ip-address-label=Client IP Address
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowena-client-ip-address-label.help=The IP Address of the client.
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamuraa-client-ip-address-label.help.txt=<a href="http://tools.ietf.org/html/rfc2865#section-5.4" target="_blank">\
dba6264e760052e4f42a5114d2690f1e188cb767Kohei Tamura Section 5.4 of the RADIUS Authentication Specification, RFC 2865</a>, indicates that \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen the source IP address of the Access-Request packet MUST be used to identify a configured client and thence determine \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen the shared secret to use for decrypting the User-Password field. The Client IP Address field should hold the source IP address of the \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen client. This should match the value obtained from Java's InetSocketAddress.getAddress().toString(). If there is any \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen question, send an Access-Request packet to OpenAM's RADIUS port and watch for a message stating, "No Defined RADIUS Client \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen matches IP address '/127.0.0.1'. Dropping request." Then copy the value in single quotes into this field.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenb-client-secret-label=Client Secret
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenb-client-secret-label.help=This secret shared between server and client for encryption of the user password.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenb-client-secret-label.help.txt=This secret must be conveyed to the RADIUS client and entered into its configuration \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenbefore the User-Password field of incoming Access-Request packets can be decrypted to validate the password for the \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenrepresented by that packet. A default value is generated for you but you can enter a custom value if desired.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenc-client-log-packets=Log Packet Contents for this Client
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenc-client-log-packets.help=Indicates if full packet contents should be dumped to the log.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowenc-client-log-packets.help.txt=When troubleshooting issues with RADIUS it is helpful to know what was received in \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen a given packet. Enabling this feature will cause packet contents to be logged in a human consumable format. The \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen only caveat is that the USER_PASSWORD field will be obfiscated by replacing with asterisks. This should only be \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen enabled for troubleshooting as it adds significant content to logs and slows processing.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowend-handler-class=Handler Class
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowend-handler-class.help=The fully qualified name of a class to handle incoming RADIUS Access-Requests for this client.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowend-handler-class.help.txt=This class must implement the <code>com.sun.identity.authentication.modules.radius.server.spi.AccessRequestHandler</code> \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen interface to handle incoming Access-Request packets and provide a suitable response. An instance of this class is \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen created when configuration is first loaded to validate the class and then once for each new request. The configuration \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen properties will only be passed for the request handling instances and not when validating the class.<br/><br/><br/>
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowene-handler-config-params=Handler Class Configuration Properties
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowene-handler-config-params.help=Properties needed by the handler class for its configuration.
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowene-handler-config-params.help.txt=These properties are provided to the handler via its \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen <code>init</code> method prior to the call to handle the request packet. If these values are changed the next \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen handler instance created for an incoming request will receive the updated values. Each entry assumes that the first '=' \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen character incurred separates a key from its value. All entries are placed in a properties file handed to each handler \
5c124de5c36bfc236d55578429df5f048f0d0a07Jamie Bowen instance<br/><br/><br/>