This illustration depicts a challenge-response, or asynchronous authentication sequence. A user seeks a connection to the Oracle database server. The client machine passes the data to the Oracle database server. The Oracle database server, acting as the RADIUS client, passes the data from the Oracle client to the RADIUS server.
The RADIUS server passes the data to the appropriate authentication server for validation. The authentication server sends a challenge to the RADIUS server. The RADIUS server sends the challenge to the Oracle database server/RADIUS client (the three preceeding steps are combined if the RADIUS server is the authentication server). The Oracle database server/RADIUS client sends the challenge to the Oracle client where a graphical interface presents it to the user. The user provides a response to the challenge by various means which the Oracle client passes to the Oracle database server/RADIUS client.
The Oracle database server/RADIUS client sends the user's response to the RADIUS server which passes it to the appropriate authentication server for validation. The authentication server sends back to the RADIUS server either and access accept or an access reject message. The RADIUS server passes the reponse to the Oracle database server/RADIUS client (the three preceeding steps are combined if the RADIUS server is the authentication server) which passes it on to the Oracle client.