The Mobile AAA Server, based on a client/server architecture,
consists of three components which may be installed independently:
The AAA Server Manager is a web server
program that performs administration and configuration tasks from
a client’s browser for one or more AAA servers.
One or more AAA Diameter servers.
Product documentation (see
the “Related Documentation” section in the “Using
this Guide” chapter)
The exchange of configuration information between a remote
AAA server and the AAA Server Manager program is validated
by a shared secret. This secret is unique to the Server Manager
and a remote AAA server. It should not be the same secret used by
a Mobile AAA server and the peers that it communicates with. The
exchange of information between a browser and the client program
is not validated or encrypted by default, although you can configure
HTTPS to secure this communication.
 |
| |
|
 | NOTE: To secure the communication between the Server Manager
(Tomcat) and RMI objects, install the Server Manager and the HP-UX
Mobile AAA Server software inside a secure network. |
|
| |
|
AAA Server Manager Program |
|
The AAA Server Manager utilizes the Tomcat piece of the HP
Apache web server and provides an interface between an administrator
and the AAA servers. The program is used for starting, stopping,
configuring, and modifying the servers. You can also use the AAA
Server Manager to report Mobile IP sessions. In addition, the program
can retrieve logged server sessions and accounting information for
an administrator.
Diameter AAA Servers |
|
AAA server installations include the AAA server, which performs
the authentication, authorization, and accounting functions to process
requests, and RMI objects. The RMI objects establish a server connection
and facilitate communication between the AAA server and the client
program.
The
Graphic Interface |
|
The Web-based graphical user interface provides access to
the Mobile AAA server management functions and configuration files.
From a remote client workstation, administrators can access the
Mobile AAA Server Manager interface through a Web browser. An administrator
can create a Mobile AAA configuration for authenticating users and
implementing authorization policies. In addition to creating, modifying,
and deleting entries in many of the server’s configuration
files, an administrator may start and stop the AAA server, access
the server’s status and system time, retrieve information
from accounting and session logs, and terminate sessions. You can
access the functions that perform these operations by selecting
an item from the Navigation Tree located in the left frame of the
HTML page.
When your network includes multiple AAA servers,
selecting a server in the AAA Server Status frame (located in the
lower-left corner of the interface) allows you to apply server commands
and maintenance functions to specific servers. The Status frame
also provides the start/stop status of each remote server.
Printable version
