Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A federation RADIUS server has a list of connected IdP and SP servers and the associated realms. It Typically, a FLR is authoritative for all RADIUS realms ending in its own top-level domain (e.g. a FLR for Antartica would be authoritative for *.aq); it may also serve a number of domains in other top-level domains (e.g. .com, .net, .org, ...) but it is not authoritative for those entire top-level domains.

The FLR receives requests from the confederation servers and IdP/SP it is connected to and forwards them to the proper server, or in case of a request for a confederation destination to a confederation server. For its authoritative top-level domain, it rejects requests for non-existent realms inside the top-level domain.

IdP and SP RADIUS infratructure

...