RADIUSOTPValidator
Note
Valve for validating one-time passwords on remote RADIUS server(s).
Properties
| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| username_param | Property containing the username. | Yes | Yes | |
| password_param | Property containing the password. | Yes | No | |
| request_attributes | Property containing the request attributes to send to external RADIUS server. See example configuration below. | No | Yes | |
| radiusstate | Parameter containing the RADIUS state. | radiusstate | Yes | No |
| secret | The RADIUS shared secret. | Yes | Yes | |
| host | The ip of the remote RADIUS server. | Yes | Yes | |
| port | The port of the remote RADIUS server. | Yes | Yes | |
| forward_state | If the state should be forwarded to remote server. | true | No | Yes |
| default_host | The default ip of the remote RADIUS server. Fallback if value is not found in the 'RADIUS host' property. | No | No | |
| default_port | The default port of the remote RADIUS server. Fallback if value is not found in the 'RADIUS port' property. | No | No | |
| default_secret | The default shared secret of the remote RADIUS server. Fallback if value is not found in the 'RADIUS shared secret' property. | No | No | |
| require_message_authenticator_on_response | Whether the Message-Authenticator attribute (80) should be required when parsing incoming responses. | false | No | No |
Example Configuration
{
"id": "f60d1ea9-7b5b-4145-8b3e-1c6ac6987ddd",
"name": "RADIUSOTPValidator",
"enabled": "true",
"config": {
"proceed_on_error": "false",
"username_param": "User-Name",
"password_param": "User-Password",
"request_attributes" : "32=SMS,26={{item.somethingelse}}",
"secret": "{enc}jwW094Ey1Me2D3SALPqF50Hysm4dRmF3tx+nB5vV3/U=",
"radiusstate": "State",
"host": "{{item.radiushost}}",
"port": "{{item.radiusport}}",
"default_host": "10.1.12.19",
"default_port": "1812",
"default_secret": "{enc}licwvyYeZvE6fv4dDrD4VWdfr18S1vQMWg+sokplhkA=",
"forward_state": "true"
}
}