display authentication-scheme(All views)

Function

The display authentication-scheme command displays the configuration of an authentication scheme.

Format

display authentication-scheme [ authentication-scheme-name ]

Parameters

Parameter	Description	Value
authentication-scheme-name	Specifies the name of an authentication scheme.	The value is a string of 1 to 32 case-insensitive characters.

Parameter

Description

Value

authentication-scheme-name

Specifies the name of an authentication scheme.

The value is a string of 1 to 32 case-insensitive characters.

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
aaa-access	read

Usage Guidelines

Usage Scenario

The authentication modes supported by AAA include non-authentication, local authentication, and remote authentication.

To view authentication information about the access users of the system, you can run the display authentication-scheme command.

If the display authentication-scheme command is used in the authentication scheme view or with specified, the detailed configuration of the authentication scheme is displayed; otherwise, only the summary of the authentication scheme is displayed.

In VS mode, this command is supported only by the admin VS.

Example

The actual command output varies according to the device. The command output here is only an example.

# Display all the authentication schemes configured in the system.

<HUAWEI> display authentication-scheme
---------------------------------------------------------------------------
  Authentication-scheme-name          Authentication-method
  ---------------------------------------------------------------------------
  default0                            local
  default1                            radius
  default                             local radius
  auth1                               local
  ---------------------------------------------------------------------------
  Total 4,4 printed

# Display information about authentication auth1.

<HUAWEI> display authentication-scheme auth1
---------------------------------------------------------------------------
  Authentication-scheme-name   : auth1
  Authentication-method        : Local authentication
  Authentication-fail-policy    : Cut user
  Authentication-fail-domain    : -
  Authentication-redirect-domain: -
  ---------------------------------------------------------------------------

**Table 1** Description of the **display authentication-scheme(All views)** command output
Item	Description
Authentication-scheme-name	Indicates the name of an authentication scheme.
Authentication-method	Indicates the authentication method. AAA supports four authentication modes: Local authentication. Non-authentication. RADIUS authentication. HWTACACS authentication. It also allows a random combination of the four modes. The hybrid authentications are sequential. If the authentication-mode radius local command is run, it indicates that the RADIUS authentication mode is used first. If the RADIUS authentication mode fails, the local authentication mode is used. When no authentication (none) is contained in hybrid authentication mode, it must be put at the end. For example: authorization-mode hwtacacs local none. AAA also supports RADIUS proxy authentication which must be used separately. Configure the authentication mode in the authentication scheme view. By default, RADIUS authentication is used.
Authentication-fail-policy	Indicates the policy adopted for online users when the authentication fails. The values are as follows: Cut user: logs the users out. Online: keeps the users online.
Authentication-fail-domain	Indicates the authentication domain used when the authentication fails and users are kept online, this parameter is configured using the authening authen-fail online authen-domain command.
Authentication-redirect-domain	Indicates the redirection domain in the authentication scheme, this parameter is configured using the authening authen-redirect online authen-domain command.