Systems Administration
      Back to home
      1. Support Portal
      2. Features
      3. Systems Administration

      Can Radius server be used to authenticate users to CruzOC

      This article describes a how to set up user authentication to a radius server

      CruzOC  supports radius authentication using an external radius authentication server. This implementation requires that a user is created in CruzOC with the same user name as the radius user name.


      1 Configure the CruzOC system to recognize your radius server.

      a. Navigate to the installDir/owareapps/installprops/lib/installed.properties file.

      b. Open the installed.properties file with a text editor.

      c. Add the following properties:

      com.dorado.server.radius.server=<serverIP> required

      com.dorado.server.radius.port=<radius port#> optional, default = 1812

      com.dorado.server.radius.secret=<radius secret value> required

      com.dorado.server.radius.timeout=<timeout in ms> optional, default = 1000 ms

      For example:

      com.dorado.server.radius.server=192.168.54.137

      com.dorado.server.radius.port=1812

      com.dorado.server.radius.secret=testing123

      com.dorado.server.radius.timeout=1000

      2 Enable radius authentication.

      a. Navigate to the installDir/oware/synergy/tomcat-7.0.40/webapps/netview/WEB-INF/classes/portal.properties file.

      b. Open the portal.properties file with a text editor.

      c. Add the following line:

      auth.pipeline.pre=com.dorado.nva.auth.CustomRadiusAuthenticator

      This property causes the CruzOC application to authenticate against the radius server prior to logging in through CruzOC authentication. To skip CruzOC authentication, continue with step 3. Otherwise, continue with step 4.

      3 Edit the server-overrides.properties file if you only want to athenticate against the radius server.

      a. Navigate to the installDir/oware/synergy/conf/server-overrides.properties.sample file.

      b. Rename the server-overrides.properties.sample file to server-overrides.properties.

      c. Open the server-overrides.properties file with a text editor.

      d. Add the following line:

      auth.pipeline.enable.liferay.check=false

      If this line is set to false, the CruzOC system authenticates against the radius server only. If set to true (or not set), authentication must pass at both the radius server and local CruzOC authentication.

      4 Verify that authentication work as defined.