Main Page | Class Hierarchy | Class List | File List | Class Members

DiameterNasreqServerStateMachine Class Reference

#include <diameter_nasreq_server_fsm.hxx>

Inheritance diagram for DiameterNasreqServerStateMachine:

DiameterNasreqServerSession List of all members.

Public Types

enum  {
  EvSgStart, EvRxAuthContinue, EvRxAuthSuccess, EvRxAuthFailure,
  EvSgAuthorizationSuccess, EvSgAuthorizationFailure, EvRxAA_Request, EvSgSessionTimeout,
  EvSgAuthLifetimeTimeout, EvSgAuthGracePeriodTimeout, EvSgTimeout, EvSgDisconnect,
  EvSgValidAA_Request, EvSgInvalidAA_Request
}

Public Member Functions

 DiameterNasreqServerStateMachine (DiameterNasreqServerSession &s, DiameterNasreqJobHandle &h)
 Constructor.

void Notify (AAA_Event ev) throw (int)
 Store an event and notify the session.

DiameterNasreqServerSessionSession ()
virtual void Abort ()=0
virtual void ForwardAuthenticationInfo (DiameterNasreqAuthenticationInfo &authenticationInfo)=0
void SignalContinue (DiameterNasreqAuthenticationInfo &authInfo)
void SignalSuccess ()
void SignalFailure ()
void SendAA_Answer ()
 This is used for constructing and sending an AA-Answer.

bool CheckAA_Request ()
virtual bool Authorize ()
bool AuthorizationDone ()
 Check if authorization has been completed successfully.

AAA_JobData & JobData ()
template<class T> T & JobData (Type2Type< T >)
virtual bool AuthorizeOriginHost (const diameter_identity_t &originHost)
 An authorization function called from Authorize() function.

virtual bool AuthorizeOriginRealm (const diameter_identity_t &originRealm)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasIdentifier (const AAA_ScholarAttribute< diameter_utf8string_t > &nasIdentifier)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasIpAddress (const AAA_ScholarAttribute< diameter_octetstring_t > &nasIpaddress)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasIpv6Address (const AAA_ScholarAttribute< diameter_octetstring_t > &nasIpv6address)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasPort (const AAA_ScholarAttribute< diameter_unsigned32_t > &nasPort)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasPortId (const AAA_ScholarAttribute< diameter_utf8string_t > &nasPortId)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasPortType (const AAA_ScholarAttribute< diameter_enumerated_t > &nasPortType)
 An authorization function called from Authorize() function.

virtual bool AuthorizeOriginStateId (const AAA_ScholarAttribute< diameter_unsigned32_t > &nasOriginStateId)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFilterId (AAA_VectorAttribute< diameter_utf8string_t > &FilterId)
 An authorization function called from Authorize() function.

virtual bool AuthorizePortLimit (AAA_ScholarAttribute< diameter_unsigned32_t > &portLimit)
 An authorization function called from Authorize() function.

virtual bool AuthorizePortLimit (const diameter_unsigned32_t &portLimit1, AAA_ScholarAttribute< diameter_unsigned32_t > &portLimit2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeServiceType (AAA_ScholarAttribute< diameter_enumerated_t > &serviceType)
 An authorization function called from Authorize() function.

virtual bool AuthorizeServiceType (const diameter_enumerated_t &serviceType1, AAA_ScholarAttribute< diameter_enumerated_t > &serviceType2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeClass (AAA_VectorAttribute< diameter_octetstring_t > &Class)
 An authorization function called from Authorize() function.

virtual bool AuthorizeConfigurationToken (const AAA_VectorAttribute< diameter_octetstring_t > &configurationToken)
 An authorization function called from Authorize() function.

virtual bool AuthorizeAcctInterimInterval (AAA_ScholarAttribute< diameter_unsigned32_t > &acctInterimInterval)
 An authorization function called from Authorize() function.

virtual bool AuthorizeIdleTimeout (AAA_ScholarAttribute< diameter_unsigned32_t > &idleTimeout)
 An authorization function called from Authorize() function.

virtual bool AuthorizeAuthorizationLifetime (AAA_ScholarAttribute< diameter_unsigned32_t > &authorizationLifetime)
 An authorization function called from Authorize() function.

virtual bool AuthorizeAuthGracePeriod (AAA_ScholarAttribute< diameter_unsigned32_t > &authGracePeriod)
 An authorization function called from Authorize() function.

virtual bool AuthorizeAuthSessionState (AAA_ScholarAttribute< diameter_enumerated_t > &authSessionState)
 An authorization function called from Authorize() function.

virtual bool AuthorizeReAuthRequestType (AAA_ScholarAttribute< diameter_enumerated_t > &authReAuthRequestType)
 An authorization function called from Authorize() function.

virtual bool AuthorizeSessionTimeout (AAA_ScholarAttribute< diameter_unsigned32_t > &authSessionTimeout)
 An authorization function called from Authorize() function.

virtual bool AuthorizeCallbackId (AAA_ScholarAttribute< diameter_utf8string_t > &callbackId)
 An authorization function called from Authorize() function.

virtual bool AuthorizeCallbackNumber (AAA_ScholarAttribute< diameter_utf8string_t > &callbackNumber)
 An authorization function called from Authorize() function.

virtual bool AuthorizeCallbackNumber (const diameter_utf8string_t &callbackNumber1, AAA_ScholarAttribute< diameter_utf8string_t > &callbackNumber2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeCallingStationId (const diameter_utf8string_t &callingStationId)
 An authorization function called from Authorize() function.

virtual bool AuthorizeCalledStationId (const diameter_utf8string_t &calledStationId)
 An authorization function called from Authorize() function.

virtual bool AuthorizeOriginatingLineInfo (const AAA_ScholarAttribute< diameter_octetstring_t > &originatingLineInfo)
 An authorization function called from Authorize() function.

virtual bool AuthorizeConnectInfo (const AAA_ScholarAttribute< diameter_utf8string_t > &connectInfo)
virtual bool AuthorizeFramedAppletalkLink (AAA_ScholarAttribute< diameter_unsigned32_t > &framedAppletalkLink)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedAppletalkZone (AAA_ScholarAttribute< diameter_octetstring_t > &framedAppletalkZone)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedAppletalkNetwork (AAA_VectorAttribute< diameter_unsigned32_t > &framedAppletalkNetwork)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedCompression (AAA_VectorAttribute< diameter_enumerated_t > &framedCompression)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedCompression (const std::vector< diameter_enumerated_t > &framedCompression1, AAA_VectorAttribute< diameter_enumerated_t > &framedCompression2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedInterfaceId (AAA_ScholarAttribute< diameter_unsigned64_t > &framedInterfaceId)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedInterfaceId (const diameter_unsigned64_t &framedInterfaceId1, AAA_ScholarAttribute< diameter_unsigned64_t > &framedInterfaceId2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpAddress (AAA_ScholarAttribute< diameter_octetstring_t > &framedIpAddress)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpAddress (const diameter_octetstring_t &framedIpAddress1, AAA_ScholarAttribute< diameter_octetstring_t > &framedIpAddress2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpv6Prefix (AAA_VectorAttribute< diameter_octetstring_t > &framedIpv6Prefix)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpv6Prefix (const std::vector< diameter_octetstring_t > &framedIpv6Prefix1, AAA_VectorAttribute< diameter_octetstring_t > &framedIpv6Prefix2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpv6Pool (AAA_ScholarAttribute< diameter_octetstring_t > &framedIpv6Pool)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedPool (AAA_ScholarAttribute< diameter_octetstring_t > &framedPool)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpv6Route (AAA_VectorAttribute< diameter_utf8string_t > &framedIpv6Route)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedRoute (AAA_VectorAttribute< diameter_utf8string_t > &framedRoute)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpNetmask (AAA_ScholarAttribute< diameter_octetstring_t > &framedIpNetmask)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpNetmask (const diameter_octetstring_t &framedIpNetmask1, AAA_ScholarAttribute< diameter_octetstring_t > &framedIpNetmask2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedIpxNetwork (AAA_ScholarAttribute< diameter_utf8string_t > &framedIpxNetwork)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedMtu (AAA_ScholarAttribute< diameter_unsigned32_t > &framedMtu)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedMtu (const diameter_unsigned32_t &framedMtu1, AAA_ScholarAttribute< diameter_unsigned32_t > &framedMtu2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedProtocol (AAA_ScholarAttribute< diameter_enumerated_t > &framedProtocol)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedProtocol (const diameter_enumerated_t &framedProtocol1, AAA_ScholarAttribute< diameter_enumerated_t > &framedProtoco2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeFramedRouting (AAA_ScholarAttribute< diameter_enumerated_t > &framedRouting)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginIpHost (AAA_VectorAttribute< diameter_octetstring_t > &loginIpHost)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginIpHost (const std::vector< diameter_octetstring_t > &loginIpHost1, AAA_VectorAttribute< diameter_octetstring_t > &loginIpHost2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginIpv6Host (AAA_VectorAttribute< diameter_octetstring_t > &loginIpv6Host)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginIpv6Host (const std::vector< diameter_octetstring_t > &loginIpv6Host1, AAA_VectorAttribute< diameter_octetstring_t > &loginIpv6Host2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatGroup (AAA_ScholarAttribute< diameter_octetstring_t > &loginLatGroup)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatGroup (const AAA_ScholarAttribute< diameter_octetstring_t > &loginLatGroup1, AAA_ScholarAttribute< diameter_octetstring_t > &loginLatGroup2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatNode (AAA_ScholarAttribute< diameter_octetstring_t > &loginLatNode)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatNode (const AAA_ScholarAttribute< diameter_octetstring_t > &loginLatNode1, AAA_ScholarAttribute< diameter_octetstring_t > &loginLatNode2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatPort (AAA_ScholarAttribute< diameter_octetstring_t > &loginLatPort)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatPort (const AAA_ScholarAttribute< diameter_octetstring_t > &loginLatPort1, AAA_ScholarAttribute< diameter_octetstring_t > &loginLatPort2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatService (AAA_ScholarAttribute< diameter_octetstring_t > &loginLatService2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginLatService (const AAA_ScholarAttribute< diameter_octetstring_t > &loginLatService1, AAA_ScholarAttribute< diameter_octetstring_t > &loginLatService2)
 An authorization function called from Authorize() function.

virtual bool AuthorizeLoginTcpPort (AAA_ScholarAttribute< diameter_unsigned32_t > &loginTcpPort)
 An authorization function called from Authorize() function.

virtual bool AuthorizeNasFilterRule (AAA_VectorAttribute< diameter_ipfilter_rule_t > &nasFilterRule)
 An authorization function called from Authorize() function.

virtual bool AuthorizeTunneling (AAA_VectorAttribute< tunneling_t > &tunneling)
 An authorization function called from Authorize() function.

virtual bool AuthorizeTunneling (const std::vector< tunneling_t > &tunneling1, AAA_VectorAttribute< tunneling_t > &tunneling2)
 An authorization function called from Authorize() function.

virtual void SetReplyMessage (AAA_VectorAttribute< diameter_utf8string_t > &replyMessage, const diameter_unsigned32_t &resultCode)
virtual bool ValidateAuthRequestType (const diameter_enumerated_t &authRequestType)
 Validate Auth-Request-Type AVP.

virtual bool ValidateState (const diameter_octetstring_t &stateInDER, const diameter_octetstring_t &stateInDEA)
virtual void SetState (AAA_ScholarAttribute< diameter_octetstring_t > &state)
 Used for setting State AVP in initial answer. Do nothing by default.

virtual void SetArapMultiExchange (AAA_ScholarAttribute< diameter_unsigned32_t > &ArapSecurity, AAA_VectorAttribute< diameter_octetstring_t > &ArapSecurityData)
 Used for setting ARAP-Security and ARAP-Security-Data AVPs.

DiameterNasreqAuthenticationInfoAuthenticationInfo ()
AA_RequestDataAA_Request ()
AA_AnswerDataAA_Answer ()

Detailed Description

State machine for Diameter NASREQ server. There are two types of procedures a Diameter NASREQ server does: authentication and authorization. Authentication is an act to verify a client. Authorization is an act to grant a service to a client. In many cases authentication occurs before authorization, but the order can be reversed in some cases. This server implementation supports both orders.

Functions related to authentication have names starting "Validate" (e.g., ValidateUserName).

Authorization is performed in the form of either validation of a requested attribute value, assignment of an attribute value. The assignment of an attribute value may be performed as a modification to a requested attribute value or as a new assignment without a requested value. It has many member functions for authorization of attributes (i.e., AuthorizeXYZ). The authorization functions return a boolean value indicating whether the authorization of the particular attribute succeeded or not. Authorization functions for optionally set attributes MUST return true when the optional attributes are not set. When an attribute is specified as const, the application is not allowed to modify the attribute and expected to just judge on whether the given attribute value is accepted or not. When an attribute is not specified as const, the application is allowed to modify the attribute as well as judge on whether the given attribute value is accepted or not. Authorization functions with two arguments are used for attribute that can be included in both DER and DEA. DER and DEA attributes are contained in the first argument (which is const) and second argument, respectivily, where the former attribute contains a requested value and the latter contains an enforced value. The former attributes are not enveloped with AAA_ScholorAttribute or AAA_VectorAttributes since they are intended to be unmodified.


Member Function Documentation

virtual void DiameterNasreqServerStateMachine::Abort  )  [pure virtual]
 

This is used for aborting the state machine. Usually called when Notify() fails.

virtual bool DiameterNasreqServerStateMachine::Authorize  )  [virtual]
 

Authorization function. This function can be called from the AA application so that authorization can be performed before completing authentication. If this function is not called from the AA application, the NASREQ server will call this function when it receives an indication of successful authentication from the AA application.

bool DiameterNasreqServerStateMachine::CheckAA_Request  ) 
 

Check received AA-Request message. It returns true when the message is valid. Otherwise, it returns false. When false is returned, it results in generating a AA-Answer message with the Result-Code value set to DIAMETER_INVALID_AVP_VALUE.

virtual void DiameterNasreqServerStateMachine::ForwardAuthenticationInfo DiameterNasreqAuthenticationInfo authenticationInfo  )  [pure virtual]
 

This virtual function is called when authentication information such as CHAP challenge and response is passed to the application.

DiameterNasreqServerSession& DiameterNasreqServerStateMachine::Session  )  [inline]
 

This is used for obtaining the reference to the server session object.

virtual void DiameterNasreqServerStateMachine::SetReplyMessage AAA_VectorAttribute< diameter_utf8string_t > &  replyMessage,
const diameter_unsigned32_t &  resultCode
[inline, virtual]
 

The contents of the replyMessage should be generated depending on the value of the resultCode.

void DiameterNasreqServerStateMachine::SignalContinue DiameterNasreqAuthenticationInfo authInfo  ) 
 

This virtual function is called when a continuation of the authentication is signaled from the application.

void DiameterNasreqServerStateMachine::SignalFailure  ) 
 

This virtual function is called when an authentication failure is signaled from the application.

void DiameterNasreqServerStateMachine::SignalSuccess  ) 
 

This virtual function is called when an authentication success is signaled from the application.

virtual bool DiameterNasreqServerStateMachine::ValidateState const diameter_octetstring_t &  stateInDER,
const diameter_octetstring_t &  stateInDEA
[inline, virtual]
 

Validate State AVP in DER against State AVP in DEA. The validation method is specific to application.


The documentation for this class was generated from the following file:
Generated on Fri Jun 25 19:15:16 2004 for Diameter NASREQ Application by doxygen 1.3.5