radiusServer.properties revision cb241c1aa2096e51864b45398cc15850b0ce4d8c
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # The contents of this file are subject to the terms of the Common Development and
1f48f8236de7de97be1c6b9d06bef50b379c8801jenkins # Distribution License (the License). You may not use this file except in compliance with the
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # specific language governing permission and limitations under the License.
54df19ee6525730717441d625c476fbe32448945Peter Major # When distributing Covered Software, include this CDDL Header Notice in each file and include
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # Header, with the fields enclosed by brackets [] replaced by your own identifying
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # information: "Portions copyright [year] [name of copyright owner]".
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk # Copyrighted 2015 Intellectual Reserve, Inc (IRI)�
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkradius-server-service-description=RADIUS Server
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenka-radius-listener-enabled-label=Enabled
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenka-radius-listener-enabled-label.help=The RADIUS Server will only open a port and listen for requests when enabled.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkchoiceYES=YES
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkb-radius-port=Listener Port
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkb-radius-port.help=The UDP port on which each OpenAM server will listen for RADIUS Access-Request packets
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkb-radius-port.help.txt=According to the RADIUS Authentication Specification, RFC 2865, the officially assigned port number for RADIUS is 1812. We allow values from 1025 up to 65535. Requests for all Clients are handled through the same port.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkc-radius-thread-pool-core-size=Thread Pool Core Size
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkc-radius-thread-pool-core-size.help=Click the Info icon for details from ThreadPoolExecutor javadoc.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkc-radius-thread-pool-core-size.help.txt=When a RADIUS request is received and fewer \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkthan corePoolSize threads are running, a new thread is created to handle the request, even if other worker threads \
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkare idle. If there are more than Pool Core Size but less than Pool Max Size threads running, a new thread will be \
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkcreated only if the queue is full. By setting Pool Core Size and Pool Max Size the same, you create a fixed-size \
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkthread pool. Limited from 1 to 100.<br/><br/>
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkd-radius-thread-pool-max-size=Thread Pool Max Size
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkd-radius-thread-pool-max-size.help=See notes and range restrictions for Thread Pool Core Size.
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenke-radius-thread-pool-keepalive-seconds=Thread Pool Keep-Alive Seconds
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenke-radius-thread-pool-keepalive-seconds.help=Click the Info icon for details from ThreadPoolExecutor javadoc.
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenke-radius-thread-pool-keepalive-seconds.help.txt=If the pool currently has more than Thread Pool Core Size threads, \
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkexcess threads will be terminated if they have been idle for more than the Kee-Alive Seconds. Limited from 1 to 3600.
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkf-radius-thread-pool-queue-size=Thread Pool Queue Size
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkf-radius-thread-pool-queue-size.help=Number of request that can be queued for the pool. Click the Info icon for details.
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkf-radius-thread-pool-queue-size.help.txt=The number of requests that can be queued for the pool before further requests \
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkwill be silently dropped. See notes for Thread Pool Core Size on the interplay with Pool Max Size. Limited from 1 to 1000.
2feee3bd4482cbe7e4a8cf1a228bf17723b13934jeff.schenkclient-config-instance=Radius Client
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenka-client-ip-address-label=Client IP Address
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenka-client-ip-address-label.help=The IP Address of the client.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenka-client-ip-address-label.help.txt=Section 5.4 of the RADIUS Authentication Specification, RFC 2865, indicates that \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk the source IP address of the Access-Request packet MUST be used to identify a configured client and thence determine \
a277eacba0534b81b8bd19173f7060a3971d03dajeff.schenk the shared secret to use for decrypting the User-Password field. The Client IP Address field should hold the source IP address of the \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk client. This should match the value obtained from Java's InetSocketAddress.getAddress().toString(). If there is any \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk question, send an Access-Request packet to OpenAM's RADIUS port and watch for a message stating, "No Defined RADIUS Client \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk matches IP address '/127.0.0.1'. Dropping request." Then copy the value in single quotes into this field.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkb-client-secret-label=Client Secret
a149d11dfee7bcc667e71ec330b7566dd0437c1fjeff.schenkb-client-secret-label.help=This secret shared between server and client for encryption of the user password.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkb-client-secret-label.help.txt=This secret must be conveyed to the RADIUS client and entered into its configuration \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkbefore the User-Password field of incoming Access-Request packets can be decrypted to validate the password for the \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkrepresented by that packet. A default value is generated for you but you can enter a custom value if desired.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkc-client-log-packets=Log Packet Contents for this Client
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkc-client-log-packets.help=Indicates if full packet contents should be dumped to the log.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkc-client-log-packets.help.txt=When troubleshooting issues with RADIUS it is helpful to know what was received in \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk a given packet. Enabling this feature will cause packet contents to be logged in a human consumable format. The \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk only caveat is that the USER_PASSWORD field will be obfiscated by replacing with asterisks. This should only be \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk enabled for troubleshooting as it adds significant content to logs and slows processing.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkd-handler-class=Handler Class
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkd-handler-class.help=The fully qualified name of a class to handle incoming RADIUS Access-Requests for this client.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenkd-handler-class.help.txt=This class must implement the <code>com.sun.identity.authentication.modules.radius.server.spi.AccessRequestHandler</code> \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk interface to handle incoming Access-Request packets and provide a suitable response. An instance of this class is \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk created when configuration is first loaded to validate the class and then once for each new request. The configuration \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk properties will only be passed for the request handling instances and not when validating the class.<br/><br/><br/>
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenke-handler-config-params=Handler Class Configuration Properties
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenke-handler-config-params.help=Properties needed by the handler class for its configuration.
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenke-handler-config-params.help.txt=These properties are provided to the handler via its \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk <code>init</code> method prior to the call to handle the request packet. If these values are changed the next \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk handler instance created for an incoming request will receive the updated values. Each entry assumes that the first '=' \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk character incurred separates a key from its value. All entries are placed in a properties file handed to each handler \
3133cf1b294fb4042826d58b24e4a2d0216d0349jeff.schenk instance<br/><br/><br/>