# Configuring RADIUS Authorization

This article describes how to configure RADIUS authentication and authorization.

1- Click Routing script in the navigation panel.

<figure><img src="https://docs.telcobridges.com/w/images/0/08/ConfigureRadiusAuthorization_0.png" alt=""><figcaption></figcaption></figure>

\
2- Edit your main script

<figure><img src="https://docs.telcobridges.com/w/images/4/47/ConfigureRadiusAuthorization_1.png" alt=""><figcaption></figcaption></figure>

\
3- Do the following operations in your script:

* At the top of the page

```
require 'radius_authorization' unless defined?(RadiusAuthorization)
```

* Following your main class definition

```
include RadiusAuthorization
```

* Add before filter in your main class

```
before_filter :method => :radius_authorization
```

* Optional: add the *fill\_authorization\_attributes* method

```
def fill_authorization_attributes(params, auth)
  auth[:"User-Name"] = "bob"
  ...
end
```

* Optional: add the *requires\_radius\_authorization?* method to reduce the scope of the authorization:

```
def requires_radius_authorization?(params)
  case params[:call][:called]
    when /^123/
      true
    ...
    else
      false
  end
end
```

* Optional: add methods to handle the possible results of authorization: *on\_radius\_authorization\_accept*, *on\_radius\_authorization\_challenge*, *on\_radius\_authorization\_reject* and *on\_radius\_authorization\_timeout*:

```
def on_radius_authorization_accept(params, auth)
  log_trace :always, "Access-Accept: #{auth.inspect}"
end

def on_radius_authorization_challenge(params, auth)
  log_trace :always, "Access-Challenge: #{auth.inspect}"
  raise RoutingException, :call_rejected
end

def on_radius_authorization_reject(params, auth)
  log_trace :always, "Access-Reject: #{auth.inspect}"
  raise RoutingException, :call_rejected
end

def on_radius_authorization_timeout(params, auth)
  log_trace :always, "Authorization Timeout"
  raise RoutingException, :call_rejected
end
```

4- Click 'Save'

### Example

The following script configures RADIUS authorization with the default attributes (*User-Name*, *Calling-Station-Id* and *Called-Station-Id*):

```
require 'base_routing'
require 'radius_authorization' unless defined?(RadiusAuthorization)               # <- Add this line here

class MyScript < BaseRouting
  include RadiusAuthorization                                                     # <- Add this line here
  
  before_filter :method => :radius_authorization                                  # <- Add this line here

  route_match :call_field_name => :called
  route_match :call_field_name => :calling
  route_match :call_field_name => :nap
  route_remap :call_field_name => :called, :route_field_name => :remapped_called
  route_remap :call_field_name => :calling, :route_field_name => :remapped_calling
  route_remap :call_field_name => :nap, :route_field_name => :remapped_nap
end

@@routing = MyScript.new

def init_routes( routes )
  @@routing.init routes
end

def route( call, nap_list )
  @@routing.route call, nap_list
end
```

### Advanced example

The following script configures RADIUS authorization with user-defined attributes, and prints attributes found in the Access-Accept message if it is received:

```
require 'base_routing'
require 'radius_authorization' unless defined?(RadiusAuthorization)               # <- Add this line here

class MyScript < BaseRouting
  include RadiusAuthorization                                                     # <- Add this line here
  
  before_filter :method => :radius_authorization                                  # <- Add this line here

  def fill_authorization_attributes(params, auth)                                 # <- Add this line here
    call = params[:call]                                                          # <- Add this line here
    auth[:"User-Name"] = "bob"                                                    # <- Add this line here
    auth[:"User-Password"] = "hello"                                              # <- Add this line here
    auth[:"Calling-Station-Id"] = call[:calling]                                  # <- Add this line here
    auth[:"Called-Station-Id"] = call[:called]                                    # <- Add this line here
  end                                                                             # <- Add this line here

  def on_radius_authorization_accept(params, auth)                                # <- Add this line here
    log_trace :always, "Access-Accept: #{auth.inspect}"                           # <- Add this line here
  end                                                                             # <- Add this line here

  route_match :call_field_name => :called
  route_match :call_field_name => :calling
  route_match :call_field_name => :nap
  route_remap :call_field_name => :called, :route_field_name => :remapped_called
  route_remap :call_field_name => :calling, :route_field_name => :remapped_calling
  route_remap :call_field_name => :nap, :route_field_name => :remapped_nap
end

@@routing = MyScript.new

def init_routes( routes )
  @@routing.init routes
end

def route( call, nap_list )
  @@routing.route call, nap_list
end
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://prosbcdocs.telcobridges.com/configuration-details/configuration-by-web-portal-category/call-routing/configuring-radius-authorization.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.