ADC SG-1 Manuale Utente
A-14
user:eds-enc-key sub-attribute
The user:eds-enc-key sub-attribute contains an encryption key for EDS operation. The encryption key should be
exactly 16 characters long, comprised solely of characters from the set (“0 - 9”, “a - f”, “A - F”). Every two characters
in the key represent a hexadecimal byte. The bytes should be DES key legal, i.e. each containing an odd number of
'1' bits. This key is being used in DES encryption and decryption of the EDS USERPASS field, and overwrites the
configured EDS encryption key. The encryption key maximum length is 64 characters. This key is being used in the
EDS encryption and decryption and overwrites the configured EDS encryption key. The user:eds-enc-key sub-
attribute is operated in hierarchy mode and supports both user and service levels.
exactly 16 characters long, comprised solely of characters from the set (“0 - 9”, “a - f”, “A - F”). Every two characters
in the key represent a hexadecimal byte. The bytes should be DES key legal, i.e. each containing an odd number of
'1' bits. This key is being used in DES encryption and decryption of the EDS USERPASS field, and overwrites the
configured EDS encryption key. The encryption key maximum length is 64 characters. This key is being used in the
EDS encryption and decryption and overwrites the configured EDS encryption key. The user:eds-enc-key sub-
attribute is operated in hierarchy mode and supports both user and service levels.
General:
Format:
adc-avpair = "user:eds-enc-key=<EDS encryption key>",
Example:
adc-avpair = "user:eds-enc-key=02f804fea90102f8",
user:eds-cookie sub-attribute
The user:eds-cookie sub-attribute contains a user eds cookie data information, a string of maximum size of
64haracters. It is available to be sent by the Radius server to the system in an Access-Accept or Service-Accept
messages. The system SHOULD send it unmodified to the Radius server as part of the Authentication and
Accounting-Requests packets. This sub-attribute is operated in hierarchy mode and supports both user and service
levels. This attribute can also be updated by the SSC (see EDS architecture document).
64haracters. It is available to be sent by the Radius server to the system in an Access-Accept or Service-Accept
messages. The system SHOULD send it unmodified to the Radius server as part of the Authentication and
Accounting-Requests packets. This sub-attribute is operated in hierarchy mode and supports both user and service
levels. This attribute can also be updated by the SSC (see EDS architecture document).
Format:
adc-avpair = "
user:eds-cookie=<user eds cookie>",
Example:
adc-avpair = "
user:eds-cookie=rt123456",
Operation Mode:
Access-Accept message
Service-Accept message
Service-Accept message
Vendor-type:
22
Vendor-length =
2 + (1-64) + attribute-name length
Operation Mode:
Access-Accept message
Service-Request message
Service-Request message
Vendor-type:
23
Vendor-length =
2 + (1-64) + attribute-name length