Execution Pipelines
Handling incoming requests
Execution pipelines in Radiator Server define how the server reacts to incoming requests.
An execution pipeline executes a series of steps against the execution context. Each step performs a specific action, such as validating the request, authenticating the user, processing the request data, or updating the reply attributes.
Authentication, authorization, and accounting are specialized execution pipelines which are used to process their respective requests.
Pipelines can also include conditional logic to branch execution based on request attributes or user properties. Execution pipelines can be configured for different stages and types of requests.
Here's an example of authentication request processing execution pipeline in a policy handler:
policy "POLICY" {
handler "HANDLER" {
authentication {
# Look up the user in the LDAP directory
backend "SQL";
# Verify that values in the request match the values in the DB
if any {
radius.request.attr.DSLForum-Agent-Circuit-Id != vars.dsl_agent_circuit;
radius.request.attr.DSLForum-Agent-Remote-Id != vars.dsl_agent_remote;
} then {
reason "Mismatched DSL IDs";
reject;
}
# Authenticate user with PAP
pap;
# Modify the reply attributes based on the backend results
modify {
radius.reply.attr.Alc-Subsc-ID-Str = vars.alc_id;
radius.reply.attr.Alc-SLA-Prof-Str = vars.alc_sla;
radius.reply.attr.Alc-Subsc-Prof-Str = vars.alc_prof;
}
}
}
}
Execution stops immediately if an action rejects. For example, the backend
call rejects if it fails or returns no results, and the pap rejects if the
provided credentials are invalid. reject is an explicit rejection. Some
actions can only have side effects; for example, modify cannot reject.