0% found this document useful (0 votes)
146 views

Aradial AAA User Management HTTP API

Aradial AAA User Management HTTP API

Uploaded by

ramizzz
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
146 views

Aradial AAA User Management HTTP API

Aradial AAA User Management HTTP API

Uploaded by

ramizzz
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 67

Aradial AAA User Management

HTTP API
Specification
Aradial User Management HTTP API Specification

©2015 Aradial

This document contains proprietary and confidential information of Aradial and shall not be reproduced or
transferred to other documents, disclosed to others, or used for any purpose other than that for which it is
furnished, without the prior written consent of Aradial. It shall be returned to the Aradial upon request.

The trademark and service marks of Aradial, including the Aradial logo, are the exclusive property of Aradial, and
may not be used without permission. All other marks mentioned in this material are the property of their respective
owners.

Document Information
Software Version: 7.0-3
Document Version: 3.0
Publication Date: May 2015

Page 2
Aradial User Management HTTP API Specification

Contents
1. Introduction.......................................................................................................................... 4
Document Purpose and Scope ................................................................................................... 4
2. Principles of the API ........................................................................................................... 5
HTTP Server ............................................................................................................................... 5
HTTP Method ............................................................................................................................. 5
URL Format ................................................................................................................................ 5
Security........................................................................................................................................ 6
The Page Parameter .................................................................................................................... 6
Query Mechanism ...................................................................................................................... 6
Date and time formats ................................................................................................................ 8
3. User Management API ....................................................................................................... 9
Create User.................................................................................................................................. 9
Update User .............................................................................................................................. 12
Canceling a User ....................................................................................................................... 19
Get User List ............................................................................................................................. 21
Get Single User ......................................................................................................................... 24
Get User Online Sessions ......................................................................................................... 26
Get User Session History ......................................................................................................... 29
4. Group management API .................................................................................................. 32
Create a group ........................................................................................................................... 32
Update Group............................................................................................................................ 36
Delete a group ........................................................................................................................... 38
Get Group List .......................................................................................................................... 41
Get a Single Group ................................................................................................................... 44
5. NAS management API...................................................................................................... 46
Create a NAS ............................................................................................................................ 46
Update NAS .............................................................................................................................. 48
Delete a NAS ............................................................................................................................ 49
Get NAS List ............................................................................................................................ 52
Get a Single NAS ..................................................................................................................... 55
6. Dynamic Authorization APIs .......................................................................................... 57
Passive Disconnect a Session ................................................................................................... 57
Radius Forwarder ..................................................................................................................... 59
Disconnect Session ................................................................................................................... 59
Change of Authorization .......................................................................................................... 62
RADIUS User Request ............................................................................................................ 64
Disconnect User ........................................................................................................................ 66

Page 3
Aradial User Management HTTP API Specification

1. Introduction
Document Purpose and Scope
This document describes the HTTP variant of Aradial User Management API. This API is
used to manage user profiles in Aradial user database.
The API provides CRUD (Create/Read/Update/Delete) operations for the account and user
profile entities, and specifically it provides the following operations:
 Add a user
 Modify a user
 Cancel a user
 Search for a user
 Get user online sessions
 Get user session history

The document includes the following chapters:

 Chapter 1 – Introduction
 Chapter 2 – Principles of the API
 Chapter 3 – User Management API
 Chapter 7 – Group management APIs
 Chapter 8 – Dynamic Authorization APIs
 Chapter 9 – Batch Operations

Page 4
Aradial User Management HTTP API Specification

2. Principles of the API


HTTP Server
The API is implemented by the Aradial Admin web server. This is the same server that
implements the Aradial Admin application, although a separate instance of the server can be
deployed to serve the API.

HTTP Method
The API has the form of an HTTP request, with a POST or GET method. Except for the
Add/Modify user operations, which must use the POST method, all other operations can use
either POST or GET.

URL Format
The API request should use the following URL format:

http://{address of Aradial Admin}:{Port Of Aradial Admin}/Admin

Example:

http://localhost:8000/Admin

In case of using IIS, the URL format is:

http://{address of Aradial Admin}/{Virtual Directory Name)/ArdAdminIs.dll

Page 5
Aradial User Management HTTP API Specification

Example:

http://localhost/ardWeb/ArdAdminIs.dll

Security
All API requests must include authentication information, according to the HTTP basic
authentication scheme. The authentication information must point to an Aradial user with the
“API” administration rights, which is a special type of user role that is used for the user
management API.

Example: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==


Note: The user name and password are base64 encoded.

NOTE: Aradial default database does not contain any user with an API admin rights.
Therefore, before using the API, such a user must be created in the Aradial user
database and used in all API invocations.

The Page Parameter


The page parameter is used in all the API operations and is used determine the type of
operation used by the request.
Examples:
 In order to update user information, the page name is "UserEdit"
 In order to get user sessions, the page name is "UserSessions".

Query Mechanism
The User Management API provides a mechanism for performing complex queries. A
complex query is described using one or more HTTP parameters as described below:

Name Description
qdb_XXX A Parameter with the "qdb_" prefix describes an expression to be
included in the "where" clause of the query SQL statement that will be
performed on the Aradial database.
The XXX is the field name for which the value is checked.
The relation operation associated with the parameter is equality
(Match for Strings), except if specified otherwise (See the op_XXX
parameter).
The Field name may have one of the following formats:
 fieldname – No type is specified, considered to be string
 $fieldType$fieldName – The field type is specified, and may be

Page 6
Aradial User Management HTTP API Specification

one of the following:


o S – String
o N – An integer number
o F – Floating point number
o D – Date. The date format should be according to the
"DateFormat" setting in the "Misc" configuration section,
or "MM-DD-YY" if not specified.
o T – Time of day, should be in "hh[:mm][:ss] format
o I – IP Address, should be in numeric format
(xxx.yyy.zzz.aaa)
op_XXX A parameter with the "op_" prefix describes the relational operation to
perform for a single qdb_ parameter. This parameter must be placed
before the qdb_XXX parameter to which it relates.
The operator should be one of the following: ">", "<" and "=".
qdb_clause This parameter is a simple expression that is added to the "where" part
of the SQL select statement.

Query Samples
Sample1
Query Parameters:

qdb_Users.UserID=a%

Resulting where clause:

Where Users.UserID = ‘a%’

Sample2
Query Parameters:

op_$N$Users.MaxSessions=>
qdb_$N$Users.MaxSessions=0
op_$N$Users.MaxSessions=<
qdb_$N$Users.MaxSessions=2

Resulting where clause:


Where Users.MaxSessions > 0 and Users.MaxSessions < 2

Page 7
Aradial User Management HTTP API Specification

Sample3
Query Parameters:

op_$N$Users.MaxSessions=>
qdb_$N$Users.MaxSessions=0
op_$N$Users.MaxSessions=<
qdb_$N$Users.MaxSessions=2
qdb_Clause=Users.GroupName in ("Group1", "Group2", "Group3")

Resulting where clause:

Where Users.MaxSessions > 0 and Users.MaxSessions < 2 And Users.GroupName in


("Group1", "Group2", "Group3")

Date and time formats


All date fields ($D$) can be sent either by the Date Format derived from the configuration
settings format (not recommended), or by the following format:

For Date:

DYYYY-MM-DD

For Date Time:

TYYYY-MM-DD hh:mm:ss

Page 8
Aradial User Management HTTP API Specification

3. User Management API


This chapter provides detailed description of the User Management API operations.
The parameters of each operation may have one of the following types:
 M – Mandatory
 O – Optional
 C – Conditional. The parameter may be mandatory or not, depending on some condition,
which is specified in the parameter description.
 OV – Optional for VOIP module only

Create User
Description
Add a user profile to the Aradial user profile database.

Http Method
Must be POST.

Parameters
Name Description Type
Page Selects the Create User operation. M
Must be “UserEdit”.
Add Indicates that this is an add operation. M
Must have a value of “1”.
db_Users.UserID The user name for the new user. M
Password The plain password of the new user. C
This parameter is mandatory if Aradial
is configured to store passwords
locally. Otherwise it is not used.
PasswordEncryptionType If this option exists with non empty O
value, it is assumed that the
"Password" field is already encrypted
according to the numeric value as
bellow:
0 – Plain password.
1 – SHA encrypted password.
2 – Unix Crypt (By DES) encryption
password.
5 – Unix Crypt (By MD5) encryption
password.

Page 9
Aradial User Management HTTP API Specification

7 – Plain MD5 hash in hexadecimal


form
AcceptPassword When specified, allows the password O
score to be lower than the password
warning score. This parameter is used
to skip the password scoring
mechanism.
db_$N$Users.PasswordSource Indicate the source of the password: 0 O
– According to the group, 1 – From the
Aradial user entity record, 2 –
Operation system, 3 – LDAP database,
4 – Secure ID.
db_$N$Users.Status The Account Status (0 – Active, 1 – O
Canceled, 2 – Pending, 3 –
Suspended).
db_$D$Users.StartDate The user’s start date. O
db_$D$Users.UserExpiryDate The user’s expiration date. O
RelativeExpirationTime The time of the expiration time relative O
to now (in seconds).
db_$RS$Users.GroupName The user group name. M
db_$S$Users.HotlineGroup The user Hotline group. O
db_$N$Users.BusinessEntityIndex The Business Entity Index for the user. O
db_$N$UserDetails.AdminType The user administration privilege type. O
db_Users.CallerID The user caller ID. O
db_Users.CallBackNumber The user call back number. O
db_$N$Users.UserService The user service number. Note that the O
parameter must contain the number of
the service, as defined in the Aradial
NasCfgDbs configuration file.
db_$N$Users.ServiceType The ID of the service Type associated
with the user.
db_$N$User.MaxSessions Override the number of concurrent O
sessions allowed for this user.
db_$I$Users.UserIP The remote IP of the user. O
db_Users.FilterName The filter name. O
db_Users.NASAttributes User level parameters used for O
personalized authorization definitions.
db_$S$Users.UserAdditionalServices A columns separated list of additional O
services (Number).
db_UserDetails.FirstName The user first name. O
db_UserDetails.LastName The user last name. O
db_UserDetails.Company The user company. O
db_UserDetails.Email The user email. O
db_UserDetails.Address1 The user address (Line 1). O
db_UserDetails.Address2 The user address (Line 2). O

Page 10
Aradial User Management HTTP API Specification

db_UserDetails.City The user city. O


db_$GS$UserDetails.State The user state. O
db_$GS$UserDetails.Country The user country. O
db_UserDetails.Zip The user Zip. O
db_UserDetails.PhoneHome The user home phone number. O
db_UserDetails.PhoneWork The user work phone number. O
db_UserDetails.Mobile The user mobile number. O
db_UserDetails.CustomInfo1 Custom information. O
db_UserDetails.CustomInfo2 Custom information. O
db_UserDetails.CustomInfo3 Custom information. O
db_UserDetails.CustomInfo4 Custom information. O
db_UserDetails.Comments Comments. O

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="User" name="{UserId}" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="added" />
<Reason value="{ErrorReason}" />
</Result>

Example
Add a user with a user name of "joe", password "1234" and GroupName of "Analog".
For the example, it is assumed that there is a user with name "API” that has "API" rights, and
a password of "1111".

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Page 11
Aradial User Management HTTP API Specification

Parameters:

Page=UserEdit
Add=1
db_Users.UserId=Joe
Password=1234
db_$RS$Users.GroupName=Analog

The expected return result is:


<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="User" name="joe" />
</Result>

Update User
Description
Update a user profile in the Aradial user profile database.

Http Method
Must be POST.

Parameters
Name Description Type
Page Selects the Update User operation. Must be M
“UserEdit”.
Modify Indicates that this is an update operation. Must M
have a value of “1”.
UserID The user name of the user to update. M
Password The plain password of the new user. O
PasswordEncryptionType If this option exists with non empty value, it is O
assumed that the "Password" field is already
encrypted according to the numeric value as
bellow:
0 – Plain password.
1 – SHA encrypted password.
2 – Unix Crypt (By DES) encryption password.
5 – Unix Crypt (By MD5) encryption password.

Page 12
Aradial User Management HTTP API Specification

7 – Plain MD5 hash in hexadecimal form


AcceptPassword When specified, allows the password score to O
be lower than the password warning score. This
parameter is used to skip the password scoring
mechanism.
db_$N$Users.PasswordSource Indicate the source of the password: 0 – O
According to the group, 1 – From the Aradial
user entity record, 2 – Operation system, 3 –
LDAP database, 4 – Secure ID.
db_$N$Users.Status The Account Status (0 – Active, 1 – Canceled, 2 O
– Pending, 3 – Suspended).
db_$D$Users.StartDate The user start date. O
db_$D$Users.UserExpiryDate The user expiration date. O
RelativeExpirationTime The time of the expiration time relative to now O
(in seconds).
db_$RS$Users.GroupName The user group name. O
db_$S$Users.HotlineGroup The user Hotline group. O
db_$N$Users.BusinessEntityIndex The Business Entity Index for the user. O
db_Users.CallerID The user caller ID. O
db_Users.CallBackNumber The user call back number. O
db_$N$Users.UserService The user service number. Note that the O
parameter must contain the number of the
service, as defined in the Aradial NasCfgDbs
configuration file.
db_$N$Users.ServiceType The ID of the service Type associated with the
user.
db_$N$User.MaxSessions Override the number of session that allowed for O
this user.
db_$I$Users.UserIP The remote IP of the user. O
db_Users.FilterName The filter name. O
db_Users.NASAttributes User level parameters used for personalized O
authorization definitions.
db_$S$Users.UserAdditionalServic A columns separated list of additional services O
es (Number).
db_UserDetails.FirstName The user first name. O
db_UserDetails.LastName The user last name. O
db_UserDetails.Company The user company. O
db_UserDetails.Email The user email. O
db_UserDetails.Address1 The user address (Line 1). O
db_UserDetails.Address2 The user address (Line 2). O
db_UserDetails.City The user city. O
db_$GS$UserDetails.State The user state. O
db_$GS$UserDetails.Country The user country. O
db_UserDetails.Zip The user Zip. O
db_UserDetails.PhoneHome The user home phone number. O

Page 13
Aradial User Management HTTP API Specification

db_UserDetails.PhoneWork The user work phone number. O


db_UserDetails.Mobile The user mobile number. O
db_UserDetails.CustomInfo1 Custom information. O
db_UserDetails.CustomInfo2 Custom information. O
db_UserDetails.CustomInfo3 Custom information. O
db_UserDetails.CustomInfo4 Custom information. O
db_UserDetails.Comments Comments. O
UserLockout This parameter is used to Lock or Unlock a O
user: 1 – Lock, 0 – Unlock.

Page 14
Aradial User Management HTTP API Specification

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="{UserId}" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="updated" />
<Reason value="{ErrorReason}" />
</Result>

Example 1 – Modify user service


Modify the service of the user “joe” to Rlogin (number 7 according to NasCfgDbs).

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=UserEdit
Modify=1
UserID=Joe
db_$N$Users.UserService=7

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="joe" />
</Result>

Page 15
Aradial User Management HTTP API Specification

Example 2 – Locking a user


Locking the user Joe

HTTP Variable Value


URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=UserEdit
Modify=1
UserID=Joe
UserLockout=1

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="joe" />
</Result>

Example 3 – Unlocking a user


Unlocking the user Joe

HTTP Variable Value


URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=UserEdit
Modify=1
UserID=Joe
UserLockout=0

Page 16
Aradial User Management HTTP API Specification

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="joe" />
</Result>

Example 4 – Activating a user


Make the user joe active

HTTP Variable Value


URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=UserEdit
Modify=1
UserID=Joe
db_$N$Users.Status=0

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="joe" />
</Result>

Example 5 – Suspending a user


Disable the user joe.

HTTP Variable Value


URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Page 17
Aradial User Management HTTP API Specification

Parameters:

Page=UserEdit
Modify=1
UserID=Joe
db_$N$Users.Status=3

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="joe" />
</Result>

Example 6 – Change user group


Change the group of user "joe" to "Wifi"

HTTP Variable Value


URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=UserEdit
Modify=1
UserID=Joe
db_$RS$Users.GroupName=Wifi

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="User" name="joe" />
</Result>

Page 18
Aradial User Management HTTP API Specification

Canceling a User
Description
Delete one or more users from the Aradial user database.

Http Method
Get or POST.

Parameters
Name Description Type
Page Selects the Update User operation. Must be M
“UserEdit”.
ConfirmDelete Indicates that this is a delete operation. Must have M
a value of “1”.
$Checked${UserId} The parameter name contains the user name of the M
user to delete as a suffix. The parameter value
should be “1”. Multiple such parameters can be
used in order to perform delete of multiple users.
Example: $Checked$joe

Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="deleted" />
<Entity type="User" name="{UserID}" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="deleted" />
<Reason value="{ErrorReason}" />
</Result>

Page 19
Aradial User Management HTTP API Specification

Example
Delete the user “joe”.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=UserEdit
ConfirmDelete=1
$Checked$Joe=1

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="deleted" />
<Entity type="User" name="joe" />
</Result>

Page 20
Aradial User Management HTTP API Specification

Get User List


Description
Fetch a list of users according to some criterion.
The query is defined using the query mechanism (see Query Mechanism for details) and may
include any column from the Users and UserDetails Aradial database tables.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get user list operation. Must be M
“UserHit”.
RowNumber The row number of the result set to start from. O
This parameter can be used to browse a result set
in case of large result sets. The default size of a
returned result set is 20. This setting can be
modified in Aradial Admin
(Configuration/Interface/Number of Rows per Hit
Page).
OnePage Returns the entire result set, regardless of its size. O
This parameter must have a value of 1.

qdb_XXX See the Query Mechanism for details. O


op_xxx See the Query Mechanism for details. O
qdb_clause See the Query Mechanism for details. O

Page 21
Aradial User Management HTTP API Specification

Return Result
Success Result
Following is the format of a success result:

<Users>
<TR>
<TD fieldName="Users.UserID">{User1-Id}</TD>
<TD fieldName="Users.PasswordSource">{User1-PasswordSource}</TD>
<TD fieldName="Users.Password">{User1-Password}</TD>
.
.
</TR>
.
.
<TR>
<TD fieldName="Users.UserID">{UserN-Id}</TD>
<TD fieldName="Users.PasswordSource">{UserN-PasswordSource}</TD>
<TD fieldName="Users.Password">{UserN-Password}</TD>
.
.
</TR>
</Users>

The result contains a set of <TR>…</TR> elements, one for each user in the result set. Each
such element contains all the fields of the user from the Users and UserDetails tables.

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example
Fetch all users with a username that begins with an “a”.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Page 22
Aradial User Management HTTP API Specification

Parameters:

Page=UserHit
qdb_Users.UserID=a%

The expected return result is:


<Users>
<TR>
<TD fieldName="Users.UserID">abraham</TD>
<TD fieldName="Users.PasswordSource">0</TD>
<TD fieldName="Users.Password"> password123</TD>
<TD fieldName="Users.GroupName">Analog</TD>
.
.
</TR>
.
.
<TR>
<TD fieldName="Users.UserID">arnold12</TD>
<TD fieldName="Users.PasswordSource">0</TD>
<TD fieldName="Users.Password"> schwartzeneger</TD>
<TD fieldName="Users.GroupName">Wifi</TD>
.
.
</TR>
</Users>

Page 23
Aradial User Management HTTP API Specification

Get Single User


Description
Fetch a single user based on the user name of the user.
This method is used for simple retrieval of users based on user name, while the Get User List
may be used for more complex queries involving multiple users.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get user details operation. Must be M
“UserEdit”.
UserID The user name of the user to fetch. M
CheckPassword The user password, if specified is verified with the O
user’s password and if there is no match, the fetch
fails. This parameter is useful for verifying the
user’s password as part of the API operation.

Return Result
Success Result
Following is the format of a success result:

<User>
<TD fieldName="Users.UserID">{User-Id}</TD>
<TD fieldName="Users.PasswordSource">{User-PasswordSource}</TD>
<TD fieldName="Users.Password">{User-Password}</TD>
<TD fieldName="Users.GroupName">{User-GroupName}</TD>
.
.
</User>

The result contains a set of <TD>…</TD> elements, one for each column of the user from the
Users and UserDetails tables.

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>
Page 24
Aradial User Management HTTP API Specification

Example
Fetch the user “joe”.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=UserEdit
UserID=joe

The expected return result is:


<User>
<TD fieldName="Users.UserID">joe</TD>
<TD fieldName="Users.PasswordSource">0</TD>
<TD fieldName="Users.Password"> password666</TD>
<TD fieldName="Users.GroupName">Analog</TD>
.
.
<TD fieldName="UserDetails.FirstName">Joe</TD>
<TD fieldName="UserDetails.LastName">Bent</TD>
.
.
</User>

Page 25
Aradial User Management HTTP API Specification

Get User Online Sessions


Description

Fetch the list of the current online (active) sessions.


Note that either the entire list of active session or the active sessions for a specific user are
fetched.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get user online sessions operation. M
Must be “Sessions”.
UserID Fetch the active sessions for a specific user name. O
SortBy Selects the sort order for the sessions. Valid O
values:
 NAS Name
 Online Since
 Time Online
 User
Ascending Selects the sort direction of the result. Valid values O
are:
 Ascending – default
 Descending.
RowNumber The row number of the result set to start from. O
This parameter can be used to browse a result set
in case of large result sets. The default size of a
returned result set is 20. This setting can be
modified in Aradial Admin
(Configuration/Interface/Number of Rows per Hit
Page).
OnePage Returns the entire result set, regardless of its size. O
This parameter must have a value of 1.

Page 26
Aradial User Management HTTP API Specification

Return Result
Success Result
Following is the format of a success result:

<Sessions>
<TR>
<TD fieldName="UserID">{Session1-UserId}</TD>
<TD fieldName="NasIndex">{Nas Index}</TD>
<TD fieldName="NasID">{Nas ID}</TD>
<TD fieldName="NASName">{Session1-NASName}</TD>
<TD fieldName="NASPort">{Session1-NASPort}</TD>
<TD fieldName="AcctSessionID">{Accounting Session ID}</TD>
<TD fieldName="UserIndex">{The User index}</TD>
<TD fieldName="GroupIndex">{The Group index}</TD>
<TD fieldName="Service">{The Service}</TD>
<TD fieldName="UserIP">{The User IP}</TD>
<TD fieldName="StartTime>{Session1-StartTime}</TD>
<TD fieldName="SessionTime">{Session1-SessionTime}</TD>
</TR>
.
.
</Sessions>

The result contains a set of <TR>…</TR> elements, one for each session in the result set.

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example
Fetch all active sessions for the user DemoUser1.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Page 27
Aradial User Management HTTP API Specification

Parameters:

Page=Sessions
UserID=DemoUser1

The expected return result is:


<Sessions>
<TR>
<TD fieldName="UserID">DemoUser1</TD>
<TD fieldName="NASIndex">1</TD>
<TD fieldName="NASID">127.0.0.1</TD>
<TD fieldName="NASName">NasSim</TD>
<TD fieldName="NASPort">0</TD>
<TD fieldName="AcctSessionId">180412</TD>
<TD fieldName="UserIndex">1</TD>
<TD fieldName="GroupIndex">4</TD>
<TD fieldName="Service">WLAN-AP</TD>
<TD fieldName="UserIP"></TD>
<TD fieldName="StartTime">Sun 11:57</TD>
<TD fieldName="SessionTime">01:15:19</TD>
</TR>
</Sessions>

Page 28
Aradial User Management HTTP API Specification

Get User Session History


Description
Fetch a list of past sessions for a given user.
The query is defined using the query mechanism (see Query Mechanism for details). The
query may include any column from the AccountingLog, Users and UserDetails tables.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get user session history operation. M
Must be “UserSessions”.
RowNumber The row number of the result set to start from. O
This parameter can be used to browse a result set
in case of large result sets. The default size of a
returned result set is 20. This setting can be
modified in Aradial Admin
(Configuration/Interface/Number of Rows per Hit
Page).
OnePage Returns the entire result set, regardless of its size. O
This parameter must have a value of 1.
SessionsMode Enables to return all the accounting records,
including Start, Stop and Interim.
If this parameter is used with a value of
“UsrAllSessions” then all accounting record types
are returned. Otherwise, only Stop records are
returned (default).
qdb_XXX See the Query Mechanism for details. O
op_xxx See the Query Mechanism for details. O
qdb_clause See the Query Mechanism for details. O

Success Result
Following is the format of a success result:

The result contains a set of <TR>…</TR> elements, one for each session in the result set.

Page 29
Aradial User Management HTTP API Specification
<UserSessions>
<TR>
<TD fieldName="NASIdentifier">[The NAS Identifier]</TD>
<TD fieldName="NASIndex">[The NAS Index]</TD>
<TD fieldName="NASPort">[The NAS Port]</TD>
<TD fieldName="AcctSessionId">[The Session ID]</TD>
<TD fieldName="AcctStatusType">[The Status type]</TD>
<TD fieldName="AcctDate">[The Acct Date]</TD>
<TD fieldName="UserID">[The User ID]</TD>
<TD fieldName="AcctAuthentic">[The Act Authentic]</TD>
<TD fieldName="ISPService">[The ISP Service]</TD>
<TD fieldName="ServiceType">[The Service Type]</TD>
<TD fieldName="FramedProtocol">[The Framed Protocol]</TD>
<TD fieldName="FramedCompression">[The Framed Compression]</TD>
<TD fieldName="FramedAddress">[The Framed Address]</TD>
<TD fieldName="LoginService">[The Login Service]</TD>
<TD fieldName="LoginHost">[The Login Host]</TD>
<TD fieldName="AcctDelayTime">[The Accounting Delay time]</TD>
<TD fieldName="AcctSessionTime">[The Accounting Session time]</TD>
<TD fieldName="AcctInputOctets">[The Accounting Input Octets]</TD>
<TD fieldName="AcctOutputOctets">[The Accounting Input Octets]</TD>
<TD fieldName="NASPortType">[The NAS Port Type]</TD>
<TD fieldName="AcctTerminateCause">[The Accounting Terminate cause]</TD>
<TD fieldName="CallerId">[The Caller ID]</TD>
<TD fieldName="CalledId">[The Called ID]</TD>
<TD fieldName="UserServiceType">[The User Service Type]</TD>
<TD fieldName="CallPrefix">[The Call Prefix]</TD>
<TD fieldName="AccessCode">[The Access Code]</TD>
<TD fieldName="h323_disconnect_cause">[The h323 Disconnect Cause]</TD>
<TD fieldName="h323_remote_address">[The h323 Remote Address]</TD>
<TD fieldName="h323_connect_time">[The h323 Connect time]</TD>
<TD fieldName="h323_disconnect_time">[The h323 Disconnect time]</TD>
<TD fieldName="h323_call_type">[The h323 Call Type]</TD>
<TD fieldName="h323_call_origin ">[The h323 Call Origin]</TD>
</TR>
.
</UserSessions>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example
Fetch all sessions for DemoUser1 between the dates 1-1-2005 and 1-31-2005.

Page 30
Aradial User Management HTTP API Specification

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=UserSessions
qdb_Users.UserID=DemoUser1
op_$D$AcctDate=>
qdb_$D$AcctDate=1/1/2005
op_$D$AcctDate=<
qdb_$D$AcctDate=1/31/2005

The expected return result is:

<UserSessions>
<TR>
<TD fieldName="UserID">DemoUser1</TD>
<TD fieldName="NASName">NasSim</TD>
<TD fieldName="NASPort">1</TD>
<TD fieldName="InTime">01/07/05 20:46:41 </TD>
<TD fieldName="Service">PPP</TD>
<TD fieldName="CallerId"></TD>
<TD fieldName="AcctOutputOctets">0</TD>
<TD fieldName="AcctInputOctets">0</TD>
<TD fieldName="FramedAddress">255.255.255.254</TD>
.
.
.

</TR>
<TR>
<TD fieldName="UserID">DemoUser1</TD>
<TD fieldName="NASName">NasSim</TD>
<TD fieldName="NASPort">1</TD>
<TD fieldName="InTime">01/14/05 19:14:41 </TD>
<TD fieldName="Service">PPP</TD>
<TD fieldName="CallerId"></TD>
<TD fieldName="AcctOutputOctets">0</TD>
<TD fieldName="AcctInputOctets">0</TD>
<TD fieldName="FramedAddress">255.255.255.254</TD>
.
.
.

</TR>
</UserSessions>

Page 31
Aradial User Management HTTP API Specification

4. Group management API


Create a group
Description
Create a new group in the Aradial database.

Http Method
Must be POST.

Parameters
Name Description Type
Page Selects the Create Group operation. M
Must be “GroupEdit”.
Add Indicates that this is an add operation. M
Must have a value of “1”.
db_$RS$GroupName The Group name. M
db_$N$IsSubGroup Indicate whether it’s a SubGroup: 1 – M
SubGroup, 0 – Group.
db_$N$NASIndex The NAS Index, should be 0 if not O
SubGroup.
db_$N$Active Indicate whether the group is Active (1 – O
Active, 0 – Not Active). Default is not
active.
db_$N$Service The service ID that is associated with M
this group.
db db_$N$EnableCallback A Flag indicating whether to enable O
callback (1 – Enable, 0 – Disabled).
db_IPPool The list of IP Pools that are used by this O
group.
db_$N$MultiSessionAsMultiLnk Indicate whether to treat multi session as O
multilink (1 – Enable, 0 – Disabled).
db_$RN$PasswordSource The Password source: O
0 – According to default settings
1 – Aradial users database
2 – From OS
3 – From LDAP database
4 – From as Secure ID device
5 – No Password
db_$N$AutoAddOnFirstConnect Determine whether to AutoAdd the O
users on 1st connect. (1 – Enable, 0 –
Disabled).

Page 32
Aradial User Management HTTP API Specification

db_$I$RemoteIP The remote IP of the user. O


db_FilterName The filter name. O
db_CallerIDTemplate The CallerID template. O
db_NASAttributes Group level parameters used for O
personalized authorization definitions.
db_$N$MaxTotGroupSess The maximum number of sessions for O
this group (0 – No Limit).
db_$N$MaxSameUserSess The maximum number of sessions for O
each user in this group (0 – No Limit).
db_$N$NoAccessBySesLimit A flag to determine whether to apply the O
session limit setting (1 = Yes, 0 =No).
db_$F$SessionLimit The session limit in seconds. O
db_$F$IdleTime The session idle time. O
db_$N$BusinessEntityIndex The index of a business entity that is OV
related to this group.
db_$RN$AutoExpirePolicy The AutoExpire Policy: O
0 – None
1 – Minutes
2 – Hours
3 – Days
db_$N$AutoExpireTime The AutoExpire time (According to O
Policy).
db_$D$AcctStartDate The start date to accept this group. O
db_$D$AcctExpireDate The end date to accept this group. O
db_$S$OnCreateUser An operation to perform when adding a O
user to this group.
db_$S$OnActivateCommand An operation to perform when activating O
a user from this group.
db_$S$OnUpdateCommand An operation to perform when updating O
a user from this group.
db_$S$OnPasswordChangeCommand An operation to perform when changing O
a password of a user in this group.
db_$S$OnSuspendCommand An operation to perform when O
suspending a user from this group.
db_$S$OnUnsuspendCommand An operation to perform when un O
suspending a user from this group.
db_$S$OnCancelCommand An operation to perform when canceling O
a user from this group.
db_$S$AfterAddUserResourceCommand An operation to perform when adding a O
user resources from this group.
db_$S$OnUpdateUserResourceCommand An operation to perform when updating O
a user resources from this group.
db_$S$OnDelUserResourceCommand An operation to perform when deleting a O
user resources from this group.
db_$N$BlackList The Black List Id. O

Page 33
Aradial User Management HTTP API Specification

db_$N$WhiteList The White List Id. O


Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="User" name="{GroupName}" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="added" />
<Reason value="{ErrorReason}" />
</Result>

Example – Create a group


Add a group with the name "Series1" that has Service of PPP (number 1) and limit the
maximum user sessions to 1

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:
Page=GroupEdit
Add=1
db_$RS$GroupName=Series1
db_$N$IsSubGroup=0
db_$N$Active=1
db_$N$Service=1
db_$N$MaxSameUserSess=1
db_$N$MaxTotGroupSess=0

Page 34
Aradial User Management HTTP API Specification

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="Group" name="Series1" />
</Result>

Example – Create a sub group


Add a sub group to series1 for NAIndex 1. For that NAS, allow users to login twice.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=GroupEdit
Add=1
db_$RS$GroupName=Series1
db_$N$NASIndex=1
db_$N$Active=1
db_$N$Users.UserService=1
db_$N$MaxSameUserSess=2

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="Group" name="Series1" />
</Result>

Page 35
Aradial User Management HTTP API Specification

Update Group
Description
Update a group in the Aradial database.

Http Method
Must be POST.

Parameters
Name Description Type
Page Selects the Update Group operation. M
Must be “GroupEdit”.
Modify Indicates that this is an update M
operation. Must have a value of “1”.
GroupName The original Group name. M
NASIndex The original NAS Index O
db_$RS$GroupName The Group name. O
db_$N$IsSubGroup Indicate whether it is a SubGroup: 1 – O
SubGroup, 0 – Group
db_$N$NASIndex The updated NAS Index, should be 0 if O
not SubGroup.
db_$N$Active Indicate whether he group Active (1 – O
Active, 0 – Not Active).
db_$N$Service The default service ID that associated O
with this group.
db db_$N$EnableCallback A Flag indicating whether to enable O
callback (1 – Enable, 0 – Disabled)
db_IPPool The list of IP Pools that are used by this O
group.
db_$N$MultiSessionAsMultiLnk Indicate whether to treat multi session O
as multilink (1 – Enable, 0 – Disabled)
db_$RN$PasswordSource The Password source: O
0 – According to default settings.
1 – Aradial users database
2 – From OS
3 – From LDAP database
4 – From as Secure ID device
5 – No Password
db_$N$AutoAddOnFirstConnect Determine whether to Auto Add the O
users on 1st connect. (1 – Enable, 0 –
Disabled)
db_$I$RemoteIP The static IP of the user. O
db_FilterName The filter name. O

Page 36
Aradial User Management HTTP API Specification

db_CallerIDTemplate The CallerID template. O


db_NASAttributes Group level parameters used for O
personalized authorization definitions.
db_$N$MaxTotGroupSess The maximum number of sessions for O
this group (0 – No Limit)
db_$N$MaxSameUserSess The maximum number of sessions for O
each user in this group (0 – No Limit)
db_$N$NoAccessBySesLimit A flag to whether to apply the session O
limit setting (1 = Yes, 0 =No)
db_$F$SessionLimit The session limit in seconds. O
db_$F$IdleTime The session idle time O
db_$N$BusinessEntityIndex The index of a business entity that is OV
related to this group.
db_$RN$AutoExpirePolicy The Auto Expire Policy: O
0 – None
1 – Minutes
2 – Hours
3 – Days
db_$N$AutoExpireTime The Auto Expire time (According to O
Policy).
db_$D$AcctStartDate The start date to accept this group. O
db_$D$AcctExpireDate The end date to accept this group. O
db_$S$OnCreateUser An operation to perform when adding a O
user to this group.
db_$S$OnActivateCommand An operation to perform when O
activating a user from this group
db_$S$OnUpdateCommand An operation to perform when updating O
a user from this group.
db_$S$OnPasswordChangeCommand An operation to perform when O
changing a password of a user in this
group.
db_$S$OnSuspendCommand An operation to perform when O
suspending a user from this group
db_$S$OnUnsuspendCommand An operation to perform when un O
suspending a user from this group
db_$S$OnCancelCommand An operation to perform when O
canceling a user from this group
db_$S$AfterAddUserResourceCommand An operation to perform when adding a O
user resources from this group
db_$S$OnUpdateUserResourceCommand An operation to perform when updating O
a user resources from this group
db_$S$OnDelUserResourceCommand An operation to perform when deleting O
a user resources from this group
db_$N$BlackList The Black List Id O
db_$N$WhiteList The White List Id O

Page 37
Aradial User Management HTTP API Specification

Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="Group" name="{GroupName }" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="updated" />
<Reason value="{ErrorReason}" />
</Result>

Example 1 – Modify user service


Modify the service of the Group “Series1” to Rlogin (number 7 according to NasCfgDbs).

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:

Page=GroupEdit
Modify=1
GroupName=Series1
db_$N$Service=7

The expected return result is:


<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="group" name="Series1" />
</Result>
Page 38
Aradial User Management HTTP API Specification

Delete a group
Description
Delete a group from the Aradial database.

Http Method
Get or POST.

Parameters
Name Description Type
Page Selects the Update Group operation. Must be M
“GroupEdit”.
ConfirmDelete Indicates that this is a delete operation. Must have M
a value of “1”.
GroupName The group name to delete M
NASIndex The NASIndex if SubGroup O

Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="deleted" />
<Entity type="group" name="{GroupName}" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="deleted" />
<Reason value="{ErrorReason}" />
</Result>

Example
Delete the group “Series1”.

Page 39
Aradial User Management HTTP API Specification

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=GroupEdit
ConfirmDelete=1
GroupName=Series1

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="deleted" />
<Entity type="group" name="Series1" />
</Result>

Page 40
Aradial User Management HTTP API Specification

Get Group List


Description
Fetch all the groups or all subgroups of a group

Http Method
Get.

Parameters
Name Description Type
Page Selects the get group list operation. Must be M
“GroupHit”.
MainGroup The main group, in case of fetching of sub groups. O
If this parameter is specified then all sub groups of
the group will be fetched.

Return Result
Success Result
Following is the format of a success result:

<Groups>
<TR>
<TD fieldName="GroupName">{Group1-Id}</TD>
<TD fieldName=" Service">{Group1-Service}</TD>
<TD fieldName=" IPPool">{Group1- IPPoold}</TD>
.
.
</TR>
.
.
<TR>
<TD fieldName="GroupName">{GroupN-Id}</TD>
<TD fieldName=" Service">{GroupN-Service}</TD>
<TD fieldName=" IPPool">{GroupN- IPPoold}</TD>
.
.
</TR>
</Groups>

The result contains a set of <TR>…</TR> elements, one for each group in the result set. Each
such element contains all the fields of the Group table.

Page 41
Aradial User Management HTTP API Specification

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example – Fetch All main groups


Fetch all Groups

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=GroupHit

The expected return result is:


<Groups>
<TR>
<TD fieldName="GroupName">Wifi 1</TD>
<TD fieldName=" Service">1</TD>
<TD fieldName=" IPPool">Pool1</TD>
.
.
</TR>
.
.
<TR>
<TD fieldName="GroupName">Analog</TD>
<TD fieldName=" Service">1</TD>
<TD fieldName=" IPPool">Pool2</TD>
.
.
</TR>
</Groups>

Page 42
Aradial User Management HTTP API Specification

Example – Fetch a sub group


Fetch all sub groups of the group "Analog"

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=GroupHit
MainGroup=Analog

The expected return result is:


<Groups>
<TR>
<TD fieldName="GroupName"> Analog </TD>
<TD fieldName=" NASIndex">1</TD>
<TD fieldName=" Service">1</TD>
<TD fieldName=" IPPool">Poo3</TD>
.
.
</TR>
.
.
<TR>
<TD fieldName="GroupName">Analog</TD>
<TD fieldName=" NASIndex">2</TD>
<TD fieldName=" Service">1</TD>
<TD fieldName=" IPPool">Pool4</TD>
.
.
</TR>
Groups>

Page 43
Aradial User Management HTTP API Specification

Get a Single Group


Description
Fetch a single group based on the group name or group name and NAS index.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get user details operation. Must be M
“GroupEdit”.
GroupName The group name to fetch. M
NASIndex The NAS Index, if Sub Group O

Return Result
Success Result
Following is the format of a success result:

<Group>
<TD fieldName="GroupName"> {Name} </TD>
<TD fieldName=" Service">{Service}</TD>
<TD fieldName=" IPPool">{Pools}</TD>
.
.
</Group>

The result contains a set of <TD>…</TD> elements, one for each column of the group.

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example
Fetch the Group “Wifi”.

Page 44
Aradial User Management HTTP API Specification

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=GroupEdit
GroupName=Wifi

The expected return result is:


<Group>
<TD fieldName="GroupName"> Wifi </TD>
<TD fieldName=" Service">1</TD>
<TD fieldName=" IPPool">Pool1</TD>
.
.
</Group>

Page 45
Aradial User Management HTTP API Specification

5. NAS management API


Create a NAS
Description
Create a new NAS in the Aradial database.

Http Method
Must be POST.
Parameters
Name Description Type
Page Selects the Create NAS operation. Must M
be “NASEdit”.
Add Indicates that this is an add operation. M
Must have a value of “1”.
db_$RS$NASName The NAS name. M
db_$S$NASIP The NAS IP (Mandatory if not O*
dynamic).
db_$N$isDynamicIp Indicate whether the NAS IP is dynamic. O
NASSecret The NAS secret M
ConfirmNASSecret Confirm NAS Secret M
db_$N$NasModel The NAS model number (According to O
the NasCfgDbs file)
db_$S$NASLocation The NAS location O
db_$S$NASDescription The NAS description O
db_$N$DynamicAuthPort The port of the NAS which listens to O
RADIUS requests (Like POD and
COA).
Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="Nas" name="{NAS Name}" />
</Result>

Page 46
Aradial User Management HTTP API Specification

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="added" />
<Reason value="{ErrorReason}" />
</Result>

Example – Create a NAS


Add a NAS with the name "NAS2" from IP 10.0.0.1, that has secret 1234, and has NAS
model 105 (Mikrotik), which listen to POD and COA request on port 3899.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:
Page=NASEdit
Add=1
db_$RS$NASName=NAS1
db_$S$NASIP=10.0.0.1
db_$N$isDynamicIp=0
NASSecret=1234
ConfirmNASSecret=1234
db_$N$DynamicAuthPort=3799

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="added" />
<Entity type="Group" name="Series1" />
</Result>

Page 47
Aradial User Management HTTP API Specification

Update NAS
Description
Update a NAS in the Aradial database.

Http Method
Must be POST.

Parameters
Name Description Type
Page Selects the Update NAS operation. M
Must be “NASEdit”.
Modify Indicates that this is an update M
operation. Must have a value of “1”.
NASIndex The NAS Index M
db_$RS$NASName The NAS name. O
db_$S$NASIP The NAS IP. Mandatory if Dynamic O*
IP.
db_$N$isDynamicIp Indicate whether the NAS IP is O
dynamic.
OldSecret The Old NAS Secret M
NASSecret The NAS secret M
ConfirmNASSecret Confirm NAS Secret M
db_$N$NasModel The NAS model number (According to O
the NasCfgDbs file)
db_$S$NASLocation The NAS location O
db_$S$NASDescription The NAS description O
db_$N$DynamicAuthPort The port of the NAS which listens to O
RADIUS requests (Like POD and
COA).

Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="Nas" name="{GroupName }" />
</Result>

Page 48
Aradial User Management HTTP API Specification

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="updated" />
<Reason value="{ErrorReason}" />
</Result>

Example – Modify NAS secret


Modify the secret of the NAS “NAS1” (With Index 2) from “1234” to “Password”

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method POST
Authentication API/1111

Parameters:
Page=NASEdit
Modify=1
NasIndex=2
NASName=NAS1
OldSecret=1234
NASSecret=password
ConfirmNASSecret=password

The expected return result is:


<Result>
<Status value="Success" />
<Operation type="updated" />
<Entity type="NAS" name="NAS1" />
</Result>

Page 49
Aradial User Management HTTP API Specification

Delete a NAS
Description
Delete a NAS from the Aradial database.

Http Method
Get or POST.

Parameters
Name Description Type
Page Selects the Update NAS operation. Must be M
“NASEdit”.
ConfirmDelete Indicates that this is a delete operation. Must have M
a value of “1”.
NASName The NAS name to delete M
NASIndex The NASIndex M

Return Result
Success Result
Following is the format of a success result:

<Result>
<Status value="Success" />
<Operation type="deleted" />
<Entity type="NAS" name="{NasName}" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="deleted" />
<Reason value="{ErrorReason}" />
</Result>

Example
Delete the NAS “NAS2” (With Index 2).

Page 50
Aradial User Management HTTP API Specification

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=NASEdit
ConfirmDelete=1
NASName=NAS1
NASIndex=2

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="deleted" />
<Entity type="NAS" name="NAS1" />
</Result>

Page 51
Aradial User Management HTTP API Specification

Get NAS List


Description
Fetch a list of NASs according to some criterion.
The query is defined using the query mechanism (see Query Mechanism for details) and may
include any column from the NASConfig Aradial database table.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get NAS list operation. Must be M
“NASHit”.
RowNumber The row number of the result set to start from. O
This parameter can be used to browse a result set
in case of large result sets. The default size of a
returned result set is 20. This setting can be
modified in Aradial Admin
(Configuration/Interface/Number of Rows per Hit
Page).
OnePage Returns the entire result set, regardless of its size. O
This parameter must have a value of 1.

qdb_XXX See the Query Mechanism for details. O


O
op_xxx See the Query Mechanism for details.

qdb_clause O
See the Query Mechanism for details.

Return Result
Success Result

Page 52
Aradial User Management HTTP API Specification

Following is the format of a success result:

< Nas >


<TR>
<TD fieldName="NASName">{Nas1-Name}</TD>
<TD fieldName="NASIndex">{Nas1-Index}</TD>
<TD fieldName="NASIP">{Nas1-IP}</TD>
<TD fieldName="IsDynamicIP ">{ Nas1-IsDynamicIP }</TD>
<TD fieldName="Secret">{ Nas1-Secret}</TD>
<TD fieldName="NASModel">{ Nas1-Model}</TD>
<TD fieldName="Location">{ Nas1-Location}</TD>
<TD fieldName="Description">{ Nas1-Description}</TD>
<TD fieldName="DynamicAuthPort">{ Nas1-Dynamic-Auth-Port}</TD>
</TR>
.
.
<TR>
<TD fieldName="NASName">{NasN-Name}</TD>
<TD fieldName="NASIndex">{NasN-Index}</TD>
<TD fieldName="NASIP">{NasN-IP}</TD>
<TD fieldName="IsDynamicIP ">{ NasN-IsDynamicIP }</TD>
<TD fieldName="Secret">{ NasN-Secret}</TD>
<TD fieldName="NASModel">{ NasN-Model}</TD>
<TD fieldName="Location">{ NasN-Location}</TD>
<TD fieldName="Description">{ NasN-Description}</TD>
<TD fieldName="DynamicAuthPort">{ Nas1-Dynamic-Auth-Port}</TD>
</TR>
</NAS>

The result contains a set of <TR>…</TR> elements, one for each NAS in the result set. Each
such element contains all the fields of the NAS table.

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Page 53
Aradial User Management HTTP API Specification

Example – Fetch NAS which start with “AA”


Fetch all NASs which name start with “AA”

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=NASHit
qdb_$N$NASName=AA%

The expected return result is:

<Nas>
<TR>
<TD fieldName="NASName">AA1</TD>
<TD fieldName="NASIndex">1</TD>
<TD fieldName="NASIP">10.0.0.1</TD>
<TD fieldName="IsDynamicIP ">0</TD>
<TD fieldName="Secret">1234</TD>
<TD fieldName="NASModel">1</TD>
<TD fieldName="Location"></TD>
<TD fieldName="Description"></TD>
<TD fieldName="DynamicAuthPort">3899</TD>
</TR>
<TR>
<TD fieldName="NASName">AA2</TD>
<TD fieldName="NASIndex">2</TD>
<TD fieldName="NASIP">10.0.0.2</TD>
<TD fieldName="IsDynamicIP ">0</TD>
<TD fieldName="Secret">1234</TD>
<TD fieldName="NASModel">1</TD>
<TD fieldName="Location"></TD>
<TD fieldName="Description"></TD>
<TD fieldName="DynamicAuthPort">3899</TD>

</TR>
</NAS>

Page 54
Aradial User Management HTTP API Specification

Get a Single NAS


Description
Fetch a single NAS based on the NAS index.

Http Method
Get.

Parameters
Name Description Type
Page Selects the get user details operation. Must be M
“NASEdit”.
NASIndex The NAS Index. M

Return Result
Success Result
Following is the format of a success result:

<Nas >
<TD fieldName="NASName">{Nas1-Name}</TD>
<TD fieldName="NASIP">{Nas1-IP}</TD>
<TD fieldName="IsDynamicIP ">{ Nas1-IsDynamicIP }</TD>
<TD fieldName="Secret">{ Nas1-Secret}</TD>
<TD fieldName="NASModel">{ Nas1-Model}</TD>
<TD fieldName="Location">{ Nas1-Location}</TD>
<TD fieldName="Description">{ Nas1-Description}</TD>
</NAS>

The result contains a set of <TD>…</TD> elements, one for each column of the NAS.

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Page 55
Aradial User Management HTTP API Specification

Example
Fetch the NAS “Wifi”.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page=NasEdit
NASIndex=2

The expected return result is:


<Nas>
<TD fieldName="NASName">NAS1</TD>
<TD fieldName="NASIP">10.0.0.1</TD>
<TD fieldName="IsDynamicIP ">0</TD>
<TD fieldName="Secret">1234</TD>
<TD fieldName="NASModel">1</TD>
<TD fieldName="Location"></TD>
<TD fieldName="Description"></TD>
</NAS>

Page 56
Aradial User Management HTTP API Specification

6. Dynamic Authorization APIs


Passive Disconnect a Session
Description
Do a passive disconnect to a specific session. See "Get User Online Sessions" in order to fetch
the correct session.

Http Method
Get or Post.

Parameters
Name Description Type
Page Selects the "Session Delete" operation. Must be M
“SessionDelete”.
NasId The NAS ID (From the fetch) M
NasPort The NAS Port (From the fetch) M
AcctSessId The Accounting session ID (From the fetch) M

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="DeleteSession" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example
Delete the Session with NASId= 127.0.0.1, NasPort=200 and Account session ID=Sess00001.

Page 57
Aradial User Management HTTP API Specification

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page= SessionDelete
NasId = 127.0.0.1
NasPort=20
AcctSessId=Sess00001

The expected return result is:

<Result>
<Status value="Success" />
<Operation type="DeleteSession" />
</Result>

Page 58
Aradial User Management HTTP API Specification

Radius Forwarder
Description
A generic method to send a Radius request to the Radius server.

Http Method
Get or Post.

Parameters
Name Description Type
Page Selects the "Radius Forwarder" operation. Must be M
“RadForward”.
Rad_ReqCode The radius request code. M
Rad_SuccessCode The response code to consider as success M
RadAttr_{Attribute Name} A RADIUS attribute to populate in the request. O
Where:
 Attribute Name – The Radius Attribute
name.

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="RadForward" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Page 59
Aradial User Management HTTP API Specification

Disconnect Session
Description
Disconnect a single session. This is done using a PoD request from the RADIUS server to the
NAS.

Http Method
Get or Post.
Parameters
Name Description Type
Page Selects the "Radius Forwarder" operation. Must be M
“RadForward”.
Rad_ReqCode The radius request code. Must be "40" for this M
case.
Rad_SuccessCode The response code to consider as success, Must be M
"41" for this case.
RadAttr_User-Name The UserName to disconnect. M
RadAttr_Client-Id The Client Identifier M
RadAttr_NAS-Port-Id The NAS port ID O
RadAttr_Acct-Session-Id The Accounting Session ID M

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="RadForward" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Page 60
Aradial User Management HTTP API Specification

Example – Send POD request to a single user session


Send a PoD request for the session "Session001", Port "200", Client Identifier "127.0.0.1" and
user "Joe".

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page= RadForward
Rad_ReqCode =40
Rad_SuccessCode=41
RadAttr_User-Name=joe
RadAttr_Client-Id=127.0.0.1
RadAttr_NAS-Port-Id=200
RadAttr_Acct-Session-Id=Session001

The expected return result is:


<Result>
<Status value="Success" />
<Operation type="RadForward" />
</Result>

Page 61
Aradial User Management HTTP API Specification

Change of Authorization
Description
Sends a Change of Authorization (CoA) message to the NAS to change the authorization
parameters of a specific session. This is done using a CoA request from the RADIUS server to
the user session.

Http Method
Get or Post.
Parameters
Name Description Type
Page Selects the "Radius Forwarder" operation. Must be M
“RadForward”.
Rad_ReqCode The radius request code. Must be "43" for this M
case.
Rad_SuccessCode The response code to consider as success. Must be M
"44" for this case.
RadAttr_User-Name The UserName associated with the session. M
RadAttr_Client-Id The Client Identifier. M
RadAttr_Acct-Session-Id The Accounting Session ID M
CoA-Service The name of the CoA service to use for the CoA M
message. This service is defined in NasCfgDbs as
a System Service.
RadAttr_NAS-Port-Id The NAS port ID. O

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="RadForward" />
</Result>

Page 62
Aradial User Management HTTP API Specification

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example – Send CoA request for system service “CoA-Session-Timeout”


Send a CoA request to the session "Session001", Port "200", Client Identifier "127.0.0.1" and
user "Joe" using the “CoA-Session-Timeout” system service.

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin
Method GET
Authentication API/1111

Parameters:

Page= RadForward
Rad_ReqCode =43
Rad_SuccessCode=44
RadAttr_User-Name=joe
RadAttr_Client-Id=127.0.0.1
RadAttr_NAS-Port-Id=200
RadAttr_Acct-Session-Id=Session001
CoA-Service=CoA-Session-Timeout

The expected return result is:


<Result>
<Status value="Success" />
<Operation type="RadForward" />
</Result>

Page 63
Aradial User Management HTTP API Specification

RADIUS User Request


Description
A generic method to send a RADIUS request to all the sessions of a given user.

This method loops over the user sessions and for each one, sends a RADIUS request that
contains the “User-Name”, “Client-Id", “NAS-Port-Id”, “Acct-Session-Id” RADIUS
attributes and a set of custom attributes according to the HTTP parameters with the
“RadAttr_” prefix.

Http Method
Get or Post.

Parameters
Name Description Type
Page Selects the "Radius Forwarder" operation. Must be M
“RadForward”.
Rad_ReqCode The radius request code. M
UserID The UserID M
RadAttr_{Attribute Name} A RADIUS attribute to populate in the request in O
addition to “User-Name”, “Client-Id", “NAS-Port-
Id” and “Acct-Session-Id”.
Where:
 Attribute Name – The RADIUS Attribute
name.

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="RadUserRequest" />
</Result>

Page 64
Aradial User Management HTTP API Specification

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Page 65
Aradial User Management HTTP API Specification

Disconnect User
Description
Disconnect all users sessions using RADIUS User Request. This is done using POD from the
RADIUS server for all User Sessions.

Http Method
Get or Post.
Parameters
Name Description Type
Page Selects the "RADIUS User Request" operation. M
Must be “RadUserRequest”.
Rad_ReqCode The RADIUS request code. Must be "40" for this M
case.
UserID The User Name to disconnect. M

Return Result
Success Result
Following is the format of a success result:
<Result>
<Status value="Success" />
<Operation type="RadUserRequest" />
</Result>

Failure Result
Following is the format of a failure result:

<Result>
<Status value="Error" />
<Operation type="" />
<Reason value="{ErrorReason}" />
</Result>

Example 1 – Send POD request to all user sessions


Send POD request to all sessions of the user "Joe"

The following HTTP request will be used:


HTTP Variable Value
URL http://localhost:8000/Admin

Page 66
Aradial User Management HTTP API Specification

Method GET
Authentication API/1111

Parameters:

Page=RadUserRequest
Rad_ReqCode =40
UserID=joe

The expected return result is:


<Result>
<Status value="Success" />
<Operation type="RadUserRequest" />
</Result>

Page 67

You might also like