Amster

RadiusModule

Realm Operations

Resource path:

/realm-config/authentication/modules/radius

Resource version: 1.0

create

Usage

am> create RadiusModule --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "healthCheckInterval" : {
      "title" : "Health check interval",
      "description" : "The interval between checks to unavailable RADIUS servers, in minutes. <br><br>Determines how often AM checks an offline server's status. The check will send an invalid authentication request to the RADIUS server. Offline servers will not be used until the healthcheck was successful. Primary servers that become available will be used in preference to secondary servers.",
      "propertyOrder" : 600,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "secondaryRadiusServers" : {
      "title" : "Secondary Radius Servers",
      "description" : "A list of secondary Radius servers that will be used for authentication, in case the primary servers are unavailable.<br><br>The module will use secondary servers for authentication if all primary servers are unavailable. For a single entry, specify the IP address, or fully qualified domain name of the Radius server.<br/><br/>Multiple entries allow associations between AM servers and a Radius server. The format is:<br/><br/><code>local server name | radius_server</code><br/><br/><i>NB </i>The local server name is the full name of the server from the list of servers and sites.",
      "propertyOrder" : 200,
      "required" : true,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    },
    "primaryRadiusServers" : {
      "title" : "Primary Radius Servers",
      "description" : "A list of primary Radius servers that will be used for authentication<br><br>The module will use these servers in preference to the secondary servers. For a single entry, specify the IP address or fully qualified domain name of the Radius server.<br/><br/>Multiple entries allow associations between AM servers and a Radius server. The format is:<br/><br/><code>local server name | radius_server</code><br/><br/><i>NB </i>The local server name is the full name of the server from the list of servers and sites.",
      "propertyOrder" : 100,
      "required" : true,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    },
    "stopRadiusbindAfterInmemoryLockedEnabled" : {
      "title" : "Stop RADIUS Binds after in-memory lockout",
      "description" : "If enabled, further bind requests will not be sent to Radius Server when the user is locked-out using in-memory Account Lockout.",
      "propertyOrder" : 650,
      "required" : true,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "authenticationLevel" : {
      "title" : "Authentication Level",
      "description" : "The authentication level associated with this module.<br><br>Each authentication module has an authentication level that can be used to indicate the level of security associated with the module; 0 is the lowest (and the default). ",
      "propertyOrder" : 700,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "sharedSecret" : {
      "title" : "Shared Secret",
      "description" : "The secret shared between the RADIUS server and the authentication module.",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "string",
      "format" : "password",
      "exampleValue" : ""
    },
    "serverTimeout" : {
      "title" : "Timeout",
      "description" : "Amount of time in seconds to wait for the RADIUS server response.<br><br>This sets the <code>SO_TIMEOUT</code> timeout on the packet. ",
      "propertyOrder" : 500,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "serverPortNumber" : {
      "title" : "Port Number",
      "description" : "Port number on which the RADIUS server is listening.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    }
  }
}

delete

Usage

am> delete RadiusModule --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action RadiusModule --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action RadiusModule --realm Realm --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action RadiusModule --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query RadiusModule --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read RadiusModule --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update RadiusModule --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "healthCheckInterval" : {
      "title" : "Health check interval",
      "description" : "The interval between checks to unavailable RADIUS servers, in minutes. <br><br>Determines how often AM checks an offline server's status. The check will send an invalid authentication request to the RADIUS server. Offline servers will not be used until the healthcheck was successful. Primary servers that become available will be used in preference to secondary servers.",
      "propertyOrder" : 600,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "secondaryRadiusServers" : {
      "title" : "Secondary Radius Servers",
      "description" : "A list of secondary Radius servers that will be used for authentication, in case the primary servers are unavailable.<br><br>The module will use secondary servers for authentication if all primary servers are unavailable. For a single entry, specify the IP address, or fully qualified domain name of the Radius server.<br/><br/>Multiple entries allow associations between AM servers and a Radius server. The format is:<br/><br/><code>local server name | radius_server</code><br/><br/><i>NB </i>The local server name is the full name of the server from the list of servers and sites.",
      "propertyOrder" : 200,
      "required" : true,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    },
    "primaryRadiusServers" : {
      "title" : "Primary Radius Servers",
      "description" : "A list of primary Radius servers that will be used for authentication<br><br>The module will use these servers in preference to the secondary servers. For a single entry, specify the IP address or fully qualified domain name of the Radius server.<br/><br/>Multiple entries allow associations between AM servers and a Radius server. The format is:<br/><br/><code>local server name | radius_server</code><br/><br/><i>NB </i>The local server name is the full name of the server from the list of servers and sites.",
      "propertyOrder" : 100,
      "required" : true,
      "items" : {
        "type" : "string"
      },
      "type" : "array",
      "exampleValue" : ""
    },
    "stopRadiusbindAfterInmemoryLockedEnabled" : {
      "title" : "Stop RADIUS Binds after in-memory lockout",
      "description" : "If enabled, further bind requests will not be sent to Radius Server when the user is locked-out using in-memory Account Lockout.",
      "propertyOrder" : 650,
      "required" : true,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "authenticationLevel" : {
      "title" : "Authentication Level",
      "description" : "The authentication level associated with this module.<br><br>Each authentication module has an authentication level that can be used to indicate the level of security associated with the module; 0 is the lowest (and the default). ",
      "propertyOrder" : 700,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "sharedSecret" : {
      "title" : "Shared Secret",
      "description" : "The secret shared between the RADIUS server and the authentication module.",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "string",
      "format" : "password",
      "exampleValue" : ""
    },
    "serverTimeout" : {
      "title" : "Timeout",
      "description" : "Amount of time in seconds to wait for the RADIUS server response.<br><br>This sets the <code>SO_TIMEOUT</code> timeout on the packet. ",
      "propertyOrder" : 500,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "serverPortNumber" : {
      "title" : "Port Number",
      "description" : "Port number on which the RADIUS server is listening.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    }
  }
}

Global Operations

Resource path:

/global-config/authentication/modules/radius

Resource version: 1.0

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action RadiusModule --global --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action RadiusModule --global --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action RadiusModule --global --actionName nextdescendents

read

Usage

am> read RadiusModule --global

update

Usage

am> update RadiusModule --global --body body

Parameters

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "defaults" : {
      "properties" : {
        "secondaryRadiusServers" : {
          "title" : "Secondary Radius Servers",
          "description" : "A list of secondary Radius servers that will be used for authentication, in case the primary servers are unavailable.<br><br>The module will use secondary servers for authentication if all primary servers are unavailable. For a single entry, specify the IP address, or fully qualified domain name of the Radius server.<br/><br/>Multiple entries allow associations between AM servers and a Radius server. The format is:<br/><br/><code>local server name | radius_server</code><br/><br/><i>NB </i>The local server name is the full name of the server from the list of servers and sites.",
          "propertyOrder" : 200,
          "required" : true,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "healthCheckInterval" : {
          "title" : "Health check interval",
          "description" : "The interval between checks to unavailable RADIUS servers, in minutes. <br><br>Determines how often AM checks an offline server's status. The check will send an invalid authentication request to the RADIUS server. Offline servers will not be used until the healthcheck was successful. Primary servers that become available will be used in preference to secondary servers.",
          "propertyOrder" : 600,
          "required" : true,
          "type" : "integer",
          "exampleValue" : ""
        },
        "stopRadiusbindAfterInmemoryLockedEnabled" : {
          "title" : "Stop RADIUS Binds after in-memory lockout",
          "description" : "If enabled, further bind requests will not be sent to Radius Server when the user is locked-out using in-memory Account Lockout.",
          "propertyOrder" : 650,
          "required" : true,
          "type" : "boolean",
          "exampleValue" : ""
        },
        "serverTimeout" : {
          "title" : "Timeout",
          "description" : "Amount of time in seconds to wait for the RADIUS server response.<br><br>This sets the <code>SO_TIMEOUT</code> timeout on the packet. ",
          "propertyOrder" : 500,
          "required" : true,
          "type" : "integer",
          "exampleValue" : ""
        },
        "primaryRadiusServers" : {
          "title" : "Primary Radius Servers",
          "description" : "A list of primary Radius servers that will be used for authentication<br><br>The module will use these servers in preference to the secondary servers. For a single entry, specify the IP address or fully qualified domain name of the Radius server.<br/><br/>Multiple entries allow associations between AM servers and a Radius server. The format is:<br/><br/><code>local server name | radius_server</code><br/><br/><i>NB </i>The local server name is the full name of the server from the list of servers and sites.",
          "propertyOrder" : 100,
          "required" : true,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "authenticationLevel" : {
          "title" : "Authentication Level",
          "description" : "The authentication level associated with this module.<br><br>Each authentication module has an authentication level that can be used to indicate the level of security associated with the module; 0 is the lowest (and the default). ",
          "propertyOrder" : 700,
          "required" : true,
          "type" : "integer",
          "exampleValue" : ""
        },
        "serverPortNumber" : {
          "title" : "Port Number",
          "description" : "Port number on which the RADIUS server is listening.",
          "propertyOrder" : 400,
          "required" : true,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sharedSecret" : {
          "title" : "Shared Secret",
          "description" : "The secret shared between the RADIUS server and the authentication module.",
          "propertyOrder" : 300,
          "required" : true,
          "type" : "string",
          "format" : "password",
          "exampleValue" : ""
        }
      },
      "type" : "object",
      "title" : "Realm Defaults"
    }
  }
}
Copyright © 2010-2024 ForgeRock, all rights reserved.