System and method for password authentication for non-LDAP regions
Abstract
A system and method for allowing roaming of a subscriber and password authentication in a non-LDAP region. A user signs onto a network access server, which in turn connects to the regional LDAP RADIUS server. Password authentication occurs by hashing a transmitted password and comparing it to a clear text password from an LDAP database that has been hashed in the same manner as the transmitted password. When the subscriber is in a non-LDAP region, the password proceeds through a proxy server to a regional RADIUS server, which connects to a non-LDAP server. The non-LDAP server connects to an SMS database, retrieves the clear text password associated with the non-LDAP user, hashes it according to the same method as the transmitted hashed password, and formats the password for comparison in the regional RADIUS server. If the hashed passwords match, access is permitted.
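The flow in the abstract, as an added example that is not code from the patent: a corporate RADIUS server routes on the home region, and whichever server handles the request hashes its stored clear text password the same way as the transmitted one and compares. The `user@region` identity format, the SHA-256-over-challenge hash, the per-request challenge and all sample data are assumptions made for illustration; the page only says both sides hash "in the same manner".

```python
import hashlib
import hmac

# Constructed sample data (assumptions, not from the patent).
LDAP_REGIONS = {"east"}                        # home regions that offer LDAP
LDAP_DB = {"alice": "correct horse"}           # clear text store behind LDAP
REGIONAL_DB = {"west": {"bob": "tr0ub4dor"}}   # regional non-LDAP user databases


def hash_password(password, challenge):
    """Assumed hash: SHA-256 over a per-request challenge plus the password."""
    return hashlib.sha256(challenge + password.encode()).digest()


def split_identity(identity):
    """Assumed 'user@region' format carrying user and home region information."""
    user, sep, region = identity.partition("@")
    if not sep or not user or not region:
        raise ValueError("access request lacks home region information")
    return user, region


def verify(stored_clear, sent_hash, challenge):
    """Hash the stored clear text password the same way and compare."""
    if stored_clear is None:                   # unknown user: reject
        return False
    expected = hash_password(stored_clear, challenge)
    return hmac.compare_digest(expected, sent_hash)  # constant-time compare


def regional_radius(user, region, sent_hash, challenge):
    """Regional RADIUS server: look the user up in the regional database."""
    stored = REGIONAL_DB.get(region, {}).get(user)
    return verify(stored, sent_hash, challenge)


def corporate_radius(identity, sent_hash, challenge):
    """Return (route, accepted) for one access request."""
    user, region = split_identity(identity)
    if region in LDAP_REGIONS:
        return "ldap", verify(LDAP_DB.get(user), sent_hash, challenge)
    # Home region has no LDAP: proxy to that region's RADIUS server.
    return "proxy", regional_radius(user, region, sent_hash, challenge)
```

Because the scheme hashes the stored password on demand, the databases hold passwords in clear text, so their confidentiality depends entirely on access control to those stores.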
19 Claims
1. A method for dial roaming outside of a home service region comprising:
- dialing into a local dial access provider;
- creating an access request comprising user identifying information and home region identifying information;
- forwarding the access request from a network access server (NAS) to a corporate remote authentication dial-in user service (RADIUS) server;
- determining from the home region identifying information whether the home region supports Lightweight Directory Access Protocol (LDAP) authentication;
- if the home region does not offer LDAP authentication, then:
- proxying the access request to a regional RADIUS server associated with the user's home region;
- comparing the user identifying information in the access request with user identifying information stored in a regional user database accessible to the regional RADIUS server; and
- if the user identifying information in the access request matches the stored user identifying information, then:
- authenticating the user; and
- providing configuration information to the NAS to allow access to a network of the home region.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system for dial roaming outside of a home Internet service region comprising:
- a user computer having a home service region;
- a network access server (NAS), wherein the NAS is adapted to:
  - connect to the user computer via a dial-up connection;
  - receive user identifying information and home region identifying information from the user computer;
  - create an access request comprising the user identifying information and the home region identifying information; and
  - direct the access request to a corporate authentication dial-in user service (RADIUS) server; and
- the corporate RADIUS server, wherein the RADIUS server is adapted to:
  - receive the access request;
  - determine from the home region identifying information whether the home service region supports Lightweight Directory Access Protocol (LDAP) authentication; and
  - if the home service region does not offer LDAP authentication, then proxy the access request to a regional RADIUS server associated with the user's home region; and
- the regional RADIUS server, wherein the regional RADIUS server is adapted to:
  - compare the user identifying information in the access request with user identifying information stored in a regional user database accessible to the regional RADIUS server; and
  - if the user identifying information in the access request matches the stored user identifying information, then authenticate the user and provide configuration information to the NAS to allow the user computer access to a network of the home region.

Dependent claims: 13, 14, 15, 16, 17, 18, 19
Specification