公开(公告)号：US06614788B1

公开(公告)日：2003-09-02

申请号：US09034789

申请日：1998-03-03

Applicant: Jean-Christophe Martin ,  Regis Marco

Inventor： Jean-Christophe Martin ,  Regis Marco

IPC: H04L1228

CPC classification number: H04L29/12273 ,  H04L29/12047 ,  H04L29/12216 ,  H04L29/12283 ,  H04L61/15 ,  H04L61/2015 ,  H04L61/2053 ,  H04L61/2061

Abstract: Network address (e.g. IP address) allocation under first and second protocols (e.g. RADIUS and DHCP) is achieved using a directory service. A common network address pool is maintained under the control of a directory service. The directory service allocates network addresses in response to requests. The directory service also maintains a record of network address allocation to users, which can be achieved by storing a network address allocated to a user at the user's entry in the directory. Thus, for example, IP address allocation under RADIUS and DHCP can be unified using a common address pool and mappings between IP addresses and the user/hosts information in an ISO/CCITT X.500 based directory service using LDAP.

Abstract translation: 使用目录服务实现第一和第二协议（例如，RADIUS和DHCP）下的网络地址（例如IP地址）分配。 公用网络地址池在目录服务的控制下进行维护。 目录服务根据请求分配网络地址。 目录服务还维护对用户的网络地址分配记录，这可以通过将分配给用户的网络地址存储在目录中的用户的条目上来实现。 因此，例如，可以使用公共地址池和使用LDAP的基于ISO / CCITT X.500的目录服务中的IP地址和用户/主机信息之间的映射来统一RADIUS和DHCP下的IP地址分配。

公开(公告)号：US06539482B1

公开(公告)日：2003-03-25

申请号：US09288418

申请日：1999-04-08

Applicant: Marcos Ares Blanco ,  Regis Marco

Inventor： Marcos Ares Blanco ,  Regis Marco

IPC: H04L932

CPC classification number: H04L63/08 ,  G06F21/31 ,  H04L12/22 ,  H04L63/083

Abstract: A network access authentication system including a directory service containing a remote access password and a standard access password for each user of the network, using an authentication protocol that provides information on whether a user is accessing the network locally of remotely, and including a front-end between the directory service and the authentication protocol. The front-end executes the steps of: receiving a user identifier and a user password entered by a user through said authentication protocol; retrieving from the directory service the remote access password and the standard access password corresponding to the user identifier; if the authentication protocol indicates a remote access, comparing the user password to the remote access password, else comparing the user password to the standard access password; and granting access to the network if the comparing step is successful.

Abstract translation: 一种网络接入认证系统，其特征在于，使用提供关于用户是否远程访问本地网络的信息的认证协议，包括用于所述网络的每个用户的包含远程访问密码的目录服务和标准访问密码， 在目录服务和认证协议之间结束。 前端执行以下步骤：通过所述认证协议接收用户输入的用户标识符和用户密码;从所述目录服务中检索所述远程访问密码和对应于所述用户标识符的标准访问密码;如果所述认证协议 指示远程访问，将用户密码与远程访问密码进行比较，否则将用户密码与标准访问密码进行比较; 如果比较步骤成功，则访问网络。