On Thu, 6 Nov 2003, Artur Hecker wrote:
> hi people
>
>
> do i ignore something or am i right in the assumption that it is
> currently not possible to define different EAP authentication methods on
> a per-user basis with the provided onboard configuration?
>
> (would be a nice feature to have john use PEAP during jack has to go for
> pure TLS, for instance...)
>
> or can it somehow be done by defining "instances" of the EAP module with
> different eap default types? (i obviously haven't tried it yet)
Hmm, that's already supported :-)
Look at src/modules/rlm_eap/eap.c line 196:
case PW_EAP_IDENTITY:
{
VALUE_PAIR *vp;
DEBUG2(" rlm_eap: EAP Identity");
/*
* Allow per-user configuration of EAP types.
*/
vp = pairfind(handler->request->config_items,
PW_EAP_TYPE);
if (vp) default_eap_type = vp->lvalue;
So you only need to set the EAP-Type attribute in the authorize section on a per
user basis and i think it should work.
>
>
> ciao
> artur
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
