I can get it to authenticate. But I've read some posts on ACS 4.2 and authorization, but I don't find anything similar.
I want to control down to what commands the authenticated user can run. I want the defintion to come from
the ACS server, or at least control it from the ACS server. I want to minimize the changes on the JunOS side,
but if it can't be easily done, I'll change the JunOS side.