I am implementing a solution that authenticates with against Authentication Manager 8.1 using SecurID hardware tokens and the RADIUS protocol.
I've got basic authentication by sending the SecurID pin and token code via RADIUS working quite easily. I need to expand my solution to handle additional SecurID hardware token related tasks such as:
- Handling new-pin mode (user needs to set new pin, or user needs to take server provided pin),
- Send next passcode mode.
- parsing return error messages to notify the user of the various different reasons for authentication failure.
I am looking for more complete documentation that covers the above described situations when working via the RSA RADIUS interface. I've not been able to find this as of yet. Is this documentation available? I would rather design to a specification rather than work out what messages are required by experimentation and trial and error.
Searching around on the web, I have found some relevant information, including articles which describe testing authentication via RADIUS using a test tool:
Many thanks for any help you can provide.