8
Figure 6
Basic HWTACACS packet exchange process for a Telnet user
HWTACACS operates using the following workflow:
1.
A Telnet user sends an access request to the HWTACACS client.
2.
The HWTACACS client sends a start-authentication packet to the HWTACACS server when it
receives the request.
3.
The HWTACACS server sends back an authentication response to request the username.
4.
Upon receiving the response, the HWTACACS client asks the user for the username.
5.
The user enters the username.
6.
After receiving the username from the user, the HWTACACS client sends the server a
continue-authentication packet that includes the username.
7.
The HWTACACS server sends back an authentication response to request the login password.
8.
Upon receipt of the response, the HWTACACS client prompts the user for the login password.
Host
HWTACACS client
HWTACACS server
1) The user tries to log in
2) Start-authentication packet
3) Authentication response requesting the username
4) Request for username
5) The user enters the username
6)
Continue-authentication packet
with the username
7) Authentication response requesting the password
8) Request for password
9) The user enters the password
11) Response indicating successful authentication
12) User authorization request packet
13) Response indicating successful authorization
14) The user logs in successfully
15) Start-accounting request
16) Response indicating the start of accounting
17) The user logs off
18) Stop-accounting request
19) Stop-accounting response
10)
Continue-authentication
packet with the password