main/resources/radiusServer.properties

	radiusServer.properties revision dba6264e760052e4f42a5114d2690f1e188cb767
 # The contents of this file are subject to the terms of the Common Development and
 # Distribution License (the License). You may not use this file except in compliance with the
 # License.
 #
 # You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 # specific language governing permission and limitations under the License.
 #
 # When distributing Covered Software, include this CDDL Header Notice in each file and include
 # the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 # Header, with the fields enclosed by brackets [] replaced by your own identifying
 # information: "Portions copyright [year] [name of copyright owner]".
 #
 # Copyrighted 2015 Intellectual Reserve, Inc (IRI)�
 # Portions Copyrighted 2016 Nomura Research Institute, Ltd.

radius-server-service-description=RADIUS Server

a-radius-listener-enabled-label=Enabled
a-radius-listener-enabled-label.help=The RADIUS Server will only open a port and listen for requests when enabled.
choiceYES=YES
choiceNO=NO

b-radius-port=Listener Port
b-radius-port.help=The UDP port on which each OpenAM server will listen for RADIUS Access-Request packets
b-radius-port.help.txt=According to the RADIUS Authentication Specification, <a href="http://tools.ietf.org/html/rfc2865" \
  target="_blank">RFC 2865</a>, the officially assigned port number for RADIUS is 1812. We allow values from 1025 up to \
  65535. Requests for all Clients are handled through the same port.

c-radius-thread-pool-core-size=Thread Pool Core Size
c-radius-thread-pool-core-size.help=Click the Info icon for details from ThreadPoolExecutor javadoc.
c-radius-thread-pool-core-size.help.txt=When a RADIUS request is received and fewer \
than corePoolSize threads are running, a new thread is created to handle the request, even if other worker threads \
are idle. If there are more than Pool Core Size but less than Pool Max Size threads running, a new thread will be \
created only if the queue is full. By setting Pool Core Size and Pool Max Size the same, you create a fixed-size \
thread pool. Limited from 1 to 100.<br/><br/>

d-radius-thread-pool-max-size=Thread Pool Max Size
d-radius-thread-pool-max-size.help=See notes and range restrictions for Thread Pool Core Size.

e-radius-thread-pool-keepalive-seconds=Thread Pool Keep-Alive Seconds
e-radius-thread-pool-keepalive-seconds.help=Click the Info icon for details from ThreadPoolExecutor javadoc.
e-radius-thread-pool-keepalive-seconds.help.txt=If the pool currently has more than Thread Pool Core Size threads, \
excess threads will be terminated if they have been idle for more than the Keep-Alive Seconds. Limited from 1 to 3600.

f-radius-thread-pool-queue-size=Thread Pool Queue Size
f-radius-thread-pool-queue-size.help=Number of request that can be queued for the pool. Click the Info icon for details.
f-radius-thread-pool-queue-size.help.txt=The number of requests that can be queued for the pool before further requests \
will be silently dropped. See notes for Thread Pool Core Size on the interplay with Pool Max Size. Limited from 1 to 1000.


client-config-instance=Radius Client

a-client-ip-address-label=Client IP Address
a-client-ip-address-label.help=The IP Address of the client.
a-client-ip-address-label.help.txt=<a href="http://tools.ietf.org/html/rfc2865#section-5.4" target="_blank">\
  Section 5.4 of the RADIUS Authentication Specification, RFC 2865</a>, indicates that \
  the source IP address of the Access-Request packet MUST be used to identify a configured client and thence determine \
  the shared secret to use for decrypting the User-Password field. The Client IP Address field should hold the source IP address of the \
  client. This should match the value obtained from Java's InetSocketAddress.getAddress().toString(). If there is any \
  question, send an Access-Request packet to OpenAM's RADIUS port and watch for a message stating, "No Defined RADIUS Client \
  matches IP address '/127.0.0.1'. Dropping request." Then copy the value in single quotes into this field.


b-client-secret-label=Client Secret
b-client-secret-label.help=This secret shared between server and client for encryption of the user password.
b-client-secret-label.help.txt=This secret must be conveyed to the RADIUS client and entered into its configuration \
before the User-Password field of incoming Access-Request packets can be decrypted to validate the password for the \
represented by that packet. A default value is generated for you but you can enter a custom value if desired.

c-client-log-packets=Log Packet Contents for this Client
c-client-log-packets.help=Indicates if full packet contents should be dumped to the log.
c-client-log-packets.help.txt=When troubleshooting issues with RADIUS it is helpful to know what was received in \
  a given packet. Enabling this feature will cause packet contents to be logged in a human consumable format. The \
  only caveat is that the USER_PASSWORD field will be obfiscated by replacing with asterisks. This should only be \
  enabled for troubleshooting as it adds significant content to logs and slows processing.


d-handler-class=Handler Class
d-handler-class.help=The fully qualified name of a class to handle incoming RADIUS Access-Requests for this client.
d-handler-class.help.txt=This class must implement the <code>com.sun.identity.authentication.modules.radius.server.spi.AccessRequestHandler</code> \
  interface to handle incoming Access-Request packets and provide a suitable response. An instance of this class is \
  created when configuration is first loaded to validate the class and then once for each new request. The configuration \
  properties will only be passed for the request handling instances and not when validating the class.<br/><br/><br/>

e-handler-config-params=Handler Class Configuration Properties
e-handler-config-params.help=Properties needed by the handler class for its configuration.
e-handler-config-params.help.txt=These properties are provided to the handler via its \
  <code>init</code> method prior to the call to handle the request packet. If these values are changed the next \
  handler instance created for an incoming request will receive the updated values. Each entry assumes that the first '=' \
  character incurred separates a key from its value. All entries are placed in a properties file handed to each handler \
  instance<br/><br/><br/>