17.07.2011 13:24:59
dcbanaynal
Posts: 19
|
Hi,
Let me pose the problem by stating a scenario:
A user with a Time-Limit of 5 connects for the first time. TR now returns 300 as Session-Timeout.
For some NAS-specific reasons (momentary carrier-loss betw AP and client, etc.), it issues Acct-Stop request. Within the Disassociation interval, NAS again authenticates the user. This can happen again within seconds time interval.
Now when TR just replies the cached initial response instead of going through the authentication process, it will reply with the cached 300 seconds Session-Timeout value, thereby unwantedly extending the user's session.
I hope I can get your idea/thoughts regarding this behaviour. I think the above mechanism is already implemented at NAS, to be enabled/disabled by the NAS admin. It is called Session-Resumption.
Thanks,
Dexter
|
|
|
0
• permalink
|
17.07.2011 14:57:42
Admin
Administrator
Posts: 1833
|
Hi,
TekRADIUS adds First-Logon Date/Time to user profile as soon as receiving first Accounting-Start. TekRADIUS will reply with Now - First-Logon in Session-Timeout
for subsequent authentication requests.
Best regards,
Yasin KAPLAN
|
|
|
0
• permalink
|