After updating the trace settings, you have to define RADIUS configuration parameters in the
web.xml file.
The
web.xml file is typically located in the
<MFT_Install>/server/webapps/cfcc/WEB-INF directory. To configure RADIUS authentication, you must add the following parameters to the
web.xml file. These parameters should be placed with the other
context-param parameters before the
filter parameters.
| Web.xml Parameter
|
Description
|
| RADIUS-Enabled
|
Defines whether RADIUS authentication is enabled or disabled.
The valid values are as follows:
- True: RADIUS authentication is enabled and replaces MFT user ID and password authentication.
- False: RADIUS authentication is disabled. Standard MFT user ID and password authentication is used. This is the default value.
|
| RADIUS-PrimarySecret
|
Defines the primary RADIUS encrypted secret.
Note: This parameter is set by executing the
dbsettings utility and must be set before performing RADIUS authentication. It cannot be set manually.
|
|
RADIUS-PrimaryHost
|
Defines the IP address or IP name of the primary RADIUS server.
This parameter is required if RADIUS authentication is enabled.
|
|
RADIUS-PrimaryPort
|
Defines the IP port of the primary RADIUS server.
This parameter is required if RADIUS authentication is enabled.
|
|
RADIUS-PrimaryAdapterIP
|
Defines the IP address that is used when communicating with the primary RADIUS server.
The default value of
0.0.0.0 indicates accepting responses over any adapter.
|
|
RADIUS-BackupSecret
|
Defines the backup RADIUS encrypted secret.
This parameter is required only if you want to communicate to a backup RADIUS server.
Note: This parameter is set by executing the
dbsettings utility and must be set before performing RADIUS authentication. It cannot be set manually.
|
|
RADIUS-BackupHost
|
Defines the IP address or IP name of the backup RADIUS server.
This parameter is required only if you want to communicate to a backup RADIUS server.
|
|
RADIUS-BackupPort
|
Defines the IP port of the backup RADIUS server.
This parameter is required only if you want to communicate to a backup RADIUS server.
|
|
RADIUS-BackupAdapterIP
|
Defines the IP address that is used when communicating with the backup RADIUS server.
The default value of
0.0.0.0 indicates accepting responses over any adapter.
|
|
RADIUS-Synchronous
|
Defines whether communication to primary and backup RADIUS servers is synchronous or asynchronous.
The valid values are as follows:
- True: RADIUS authentication is synchronous. Communication to the RADIUS backup host is only performed if communication to the RADIUS primary host times out.
- False: RADIUS authentication is asynchronous. Requests are made to both RADIUS primary host and RADIUS backup host at the same time. MFT uses the first response that is received. This parameter is ignored if a RADIUS backup server is not defined.
|
|
RADIUS-Timeout
|
Defines the number of seconds the RADIUS client waits for a response from the RADIUS server before the request times out and fails.
|
|
RADIUS-SpecialUsers
|
Defines the users to be authenticated using standard MFT authentication in the event that RADIUS authentication fails.
You can define one or more MFT users separated by a semicolon.
|
