Introduction to AAA Server
Chapter 1
AAA Server Architecture
The HP-UX AAA Server Architecture consists of three primary components:
• Configuration files. By editing these flat text files, with either the Server Manager user
interface or with a text editor, you can provide the information necessary for the server to
perform authentication, authorization, and accounting requests for configured users.
• AATV plug-ins, which perform discrete actions such as initiating an authentication request,
replying to an authentication request, or logging an accounting record.
• The software engine, which includes the Finite State Machine (FSM) and some associated
routines. At server startup, the finite state machine reads instructions from a state
table—by default the /etc/opt/aaa/radius.fsm text file. The state table outlines what
AATV actions to call and what order to call them in.
When the server is initialized, it performs a few distinct operations. It loads and initializes
the AATV plug-ins, so that actions can be executed when called by the finite state machine. It
also reads the configuration files to initialize the data required for the actions to execute
according to the application’s requirements.
Configuration Files
The HP-UX AAA Server reads data from the following configuration files installed at
/etc/opt/aaa/ by default:
Table 1-1 HP-UX AAA Server Configuration Files
File      Description
clients   Information about all RADIUS clients—name, address, shared secret, type, etc.—that allows the server to recognize and communicate with the clients.
authfile  Authentication type parameters for defined realms.
users     Information about user IDs, passwords, and check/deny/reply items.
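Because clients holds RADIUS shared secrets and users holds passwords, the permissions on these files deserve a routine check. The script below is an added example, not part of the HP-UX AAA Server documentation; the function name audit_aaa_conf and the policy it enforces (regular files with no group or other access, in a directory that is not group- or world-writable) are assumptions.

```shell
#!/bin/sh
# Added example: audit the configuration files listed in Table 1-1.
# Assumed policy (not stated in the manual): each file is a regular file with
# no group/other permission bits, and the directory is not group/world-writable.

audit_aaa_conf() {
    aaa_dir=${1:-/etc/opt/aaa}   # default install location named in the manual
    aaa_findings=0

    # A directory writable by group or others lets a local user replace the files.
    case $(ls -ld "$aaa_dir" 2>/dev/null | cut -c6,9) in
        *w*) echo "WRITABLE-DIR $aaa_dir"; aaa_findings=$((aaa_findings + 1)) ;;
    esac

    for aaa_name in clients authfile users; do
        aaa_path=$aaa_dir/$aaa_name
        if [ -h "$aaa_path" ]; then
            # A symlink means the server reads whatever the link target holds.
            echo "SYMLINK $aaa_path"
            aaa_findings=$((aaa_findings + 1))
        elif [ ! -f "$aaa_path" ]; then
            echo "MISSING $aaa_path"
            aaa_findings=$((aaa_findings + 1))
        else
            # Characters 5-10 of the ls mode string are the group and other bits.
            aaa_mode=$(ls -ld "$aaa_path" | cut -c5-10)
            if [ "$aaa_mode" != "------" ]; then
                echo "LOOSE-MODE $aaa_path"
                aaa_findings=$((aaa_findings + 1))
            fi
        fi
    done

    # Exit status 0 only when nothing was reported.
    [ "$aaa_findings" -eq 0 ]
}

# Run the audit when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_aaa_conf "$1"
fi
```

Each finding is printed as a tag followed by the path, so the output can be fed to a monitoring job.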