3.61. <AuthBy SOAP> Previous topic Parent topic Child topic Next topic

This module handles authentication and accounting by sending it to a remote RADIUS server over TCP using the SOAP protocol. Each RADIUS request is transformed into a SOAP request, which is sent by HTTP or HTTPS to a remote SOAP server. The Remote SOAP server can be any implementation, but example SOAP server code is provided with Radiator.
AuthBy SOAP can be useful in order to tunnel RADIUS requests through ports 80 or 443 in a firewall, where UDP port 1645 is not permitted thought the firewall. It can also be used to improve reliability in some environments by using TCP rather than UDP. And RADIUS security can be improved by using HTTPS as the transport protocol, which will encrypt all the contents of the RADIUS request. Requires the SOAP::Lite Perl module and its prerequisites.
AuthBy SOAP uses a simple SOAP interface. An example Web Service Description Language file (goodies/soaprequest.wsdl) is provided for people wishing to implement their own SOAP RADIUS client.
Included with Radiator is a sample SOAP server CGI script and a SOAP handler module. The file goodies/soapradius.cgi receives SOAP radius requests as sent by AuthBy SOAP and invokes Radius::SOAPRequest::radius(), which is provided by Radius/SOAPRequest.pm. SOAPRequest transforms incoming SOAP requests into standard RADIUS requests and sends them to a RADIUS server. The RADIUS reply is sent back to AuthBy SOAP as the SOAP reply. In order to install the SOAP server, you will need to edit SOAPRequest.pm and specify the location of your RADIUS dictionary, and the address and port of the destination RADIUS server. The address defaults to localhost: 1647. You must also install soapradius.cgi in a suitable location in your web server's CGI directory. You may also need to edit soapradius.cgi if your Radiator per modules are not installed in the usual place.
Tip
See goodies/soap.cfg for an example configuration file.