Management and Configuration Guide (Includes ACM xl) 2005-12

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

171

172

173

174

175

176

177

178

179

180

ProCurve Secure Access 700wl Series Management and Configuration Guide 5-33

Configuring Authentication

The XML-RPC Service

The XML-RPC authentication service required by the 700wl Series system is a piece of code that resides

on the remote system between the 700wl Series system Remote Profiles API and whatever system

(database, directory, or application) contains user authentication and scheduling information.

The XML-RPC authentication service must perform the following tasks:

• The XML-RPC service accepts an “authenticate” <methodCall> from the 700wl Series System Rights

Manager.

• The service extracts the user identification information, and constructs the appropriate inquiry

needed to authenticate the user and retrieve his or her scheduling information.

• The service takes the returned information and constructs an XML-RPC response that includes the

authentication status and, if appropriate, the user’s schedule information in the form of a user

profile.

• When the XML-RPC service has constructed the response, it sends the response back to the Rights

Manager.

The Remote Profiles API

The Remote Profiles API consists of a single call/response pair. The 700wl Series System issues the

XML-RPC authenticate call to the XML-RPC “server” at the URL configured as an Authentication

Service in the Rights Manager.

The remote XML-RPC server must generate the authenticate response. The remote XML-RPC server

may simply act as a front end to another database that contains the user information. In this case, the

XML-RPC server would accept the authentication request from the V700wl Series System, in turn query

the appropriate database, and then form and send the appropriate response back to the 700wl Series

system.

The authenticate call to be made by the 700wl Series System is defined as follows:

authenticate (userid, password, location, MAC, options, randomstring)

These parameters are shown in Table 5-17:

Table 5-17. Parameters for Authenticate Call

Parameter Type Description

userid string User logon from 700wl Series system logon page

password string Password from 700wl Series system logon page, in clear text

location string Name of the 700wl Series system-defined location of the user

MAC string MAC address of the user, in the form 001122334455 (without colons)

options string A string that defines authentication and profile return options. Currently,

must be set to auth_profile

randomstring string Currently not used, but parameter must be present. Can be any string or a

null string.