H3C Technologies H3C WX3000 Series Unified Switches User Manual

25-9

The basic message exchange procedure is as follows:

2) A user sends a login request to the switching engine acting as a TACACS client, which then sends

an authentication start request to the TACACS server.

3) The TACACS server returns an authentication response, asking for the username. Upon receiving

the response, the TACACS client requests the user for the username.

4) After receiving the username from the user, the TACACS client sends an authentication

continuance message carrying the username.

5) The TACACS server returns an authentication response, asking for the password. Upon receiving

the response, the TACACS client requests the user for the login password.

6) After receiving the password, the TACACS client sends an authentication continuance message

carrying the password to the TACACS server.

7) The TACACS server returns an authentication response, indicating that the user has passed the

authentication.

8) The TACACS client sends a user authorization request to the TACACS server.

9) The TACACS server returns an authorization response, indicating that the user has passed the

authorization.

10) After receiving the response indicating an authorization success, the TACACS client pushes the

configuration interface of the device to the user.

11) The TACACS client sends an accounting start request to the TACACS server.

12) The TACACS server returns an accounting response, indicating that it has received the accounting

start request.

13) The user logs out; the TACACS client sends an accounting stop request to the TACACS server.

14) The TACACS server returns an accounting response, indicating that it has received the accounting

stop request.