Next: Controlling Authentication Probes, Previous: Defining Custom Authentication Types, Up: Authentication [Contents][Index]
The number of sessions a user can have open simultaneously can be
restricted by setting Simultaneous-Use attribute in the user’s
profile LHS (see Simultaneous-Use). By default the number
of simultaneous sessions is unlimited.
When a user with limited number of simultaneous logins authenticates
himself, Radius counts the number of the sessions that are already
opened by this user. If this number is equal to the value of
Simultaneous-Use attribute the authentication request is
rejected.
This process is run in several stages. First, Radius retrieves the
information about currently opened sessions from one of its accounting
databases. Then, it verifies whether all these sessions are still
active. This pass is necessary since an open entry might be a result
of missing Stop request. Finally, the server counts the
sessions and compares their count with the value of
Simultaneous-Use attribute.
The following subsections address each stage in detail.