Mercurial > hg > freeDiameter
view extensions/app_diameap/README @ 449:c5e37091553a
Updated app_diameap documentation and diameap.sql script
author | Souheil Ben Ayed <souheil@tera.ics.keio.ac.jp> |
---|---|
date | Thu, 29 Jul 2010 14:07:30 +0900 |
parents | 70eabd4f8a31 |
children |
line wrap: on
line source
DiamEAP (http://diameap.yagami.freediameter.net/) Copyright (c) 2009-2010 Souheil Ben Ayed, Teraoka Laboratory of Keio University, and the WIDE Project. Author: Souheil Ben Ayed <souheil@tera.ics.keio.ac.jp> ----- SUMMARY ----- DiamEAP is an implementation of the Diameter Extensible Authentication Protocol (EAP) Application (RFC 4072). The Diameter protocol is a AAA protocol to securely carry Authentication, Authorization and Accounting informations between the AAA client and the AAA server. Diameter EAP Application is a Diameter application that supports authentication using Extensible Authentication Protocol (RFC 3748). DiamEAP is designed to be extensible so that any new EAP method can be implemented separately as a shared library called 'EAP method plug-in'. Currently, DiamEAP comprises two EAP Methods plug-ins: - EAP MD5 plug-in : implementation of EAP-MD5 authentication method. - EAP TLS plug-in : implementation of EAP-TLS authentication method . Other EAP methods are scheduled to be added in future releases. DiamEAP is an extension for freeDiameter. Visit http://www.freediameter.net/ for more information on freeDiameter project. For more information on DiamEAP project, visit http://diameap.yagami.freediameter.net/ ----- REQUIREMENTS ----- Some packages are required to compile DiamEAP from source. If you will install DiamEAP on Debian or Ubuntu system install the following packages: cmake flex bison libgnutls-dev libgcrypt-dev libmysqlclient-dev $ sudo apt-get install cmake flex bison libgnutls-dev libgcrypt-dev libmysqlclient-dev ----- INSTALLATION ----- 1- Add DiamEAP extension to freeDiameter. See freeDiameter documentation (http://www.freediameter.net/) 2-Create a new MySQL database and add tables using the sql script 'diameap.sql'. 3- Edit the extensions/CMakeList.txt file to add DiamEAP to freeDiameter. Add the following lines: OPTION(BUILD_APP_DIAMEAP "Build DiamEAP? (Diameter EAP Application - RFC 4072)" OFF) IF (BUILD_APP_DIAMEAP) ADD_SUBDIRECTORY(app_diameap) ENDIF (BUILD_APP_DIAMEAP) Note: you can enable DiamEAP to be built with freeDiameter by setting the BUILD_APP_DIAMEAP to ON. If you enable it here you don't need to enable it when building freeDiameter. 4- Enable DiamEAP by enabling BUILD_APP_DIAMEAP option with CMake: cmake -DBUILD_APP_DIAMEAP:BOOl=ON ../ ----- CONFIGURATION ----- DiamEAP requires a configuration file to start the DiamEAP server. It is advised to start by a copy of the sample file, and customize the configuration to fit your needs. A sample configuration file 'diameap.conf.sample' can be find in extensions/app_diameap/ or in doc/ folder of freeDiameter. The file 'diameap.conf.sample' contains a description of all parameters that can be added to the DiamEAP configuration file. *Specify connection parameters to DiamEAP MySQL database: - username and password to connect to the MySQL Server - database server : address to MySQL server. - database name : database for DiamEAP. Example: DiamEAP_MySQL = "UserName" , "MyPassword" , "localhost" , "drupal_ui"; *Add EAP Method plug-ins to be loaded with DiamEAP server. Note that EAP Identity must be add. Example: Load_plugin = "EAP MD5":4:0:"extensions/eap_md5.emp":""; Load_plugin = "EAP TLS":13:0:"extensions/eap_tls.emp":"doc/eap_tls_plugin.app_diameap.conf"; * Enable Authorization with DiamEAP. You can enable DiamEAP to check authorization of authenticated users. To enable authorization set authorization to 1. ( by default disabled). * Multiple round trips timeout This parameter indicates the maximum number of seconds provides the user to answer to a Diameter-EAP-Request. (by default set to 30 seconds) * Invalid EAP Packets This parameter defines the maximum number of invalid EAP packets that can be received before rejecting the connection. (by default set to 5 packets) For more documentation on configuring DiamEAP, visit the documentation page of the project : http://diameap.yagami.freediameter.net/documentation ----- COPYRIGHT ----- See LICENSE file for legal information on this software. ----- CONTACT ----- Author: Souheil Ben Ayed (souheil@tera.ics.keio.ac.jp) Current maintainers: -Souheil Ben Ayed (Teraoka Laboratory of Keio University) souheil@tera.ics.keio.ac.jp