Re: [RADIATOR] UsernameBlacklist.txt And case sensitivity

Tue, 05 Feb 2013 12:57:47 -0800 

Hello John -

A more flexible approach is like this:


# users file (NB - the *last* DEFAULT is Accept)

DEFAULT  User-Name = /^brian$/i  Auth-Type = Reject

DEFAULT User-Name = /^sammy$/i Auth-Type = Reject

…..

DEFAULT Auth-Type = Accept


and in the configuration file:

<Handler …..>

        AuthByPolicy ContinueWhileAccept

        <AuthBy FILE>
                NoEAP
                Filename %D/UsernameBlacklist.txt
        </AuthBy>

        <AuthBy ….>
                …..
        </AuthBy>

        …..

</Handler>


hth

Hugh


On 6 Feb 2013, at 06:03, John Goubeaux <goube...@education.ucsb.edu> wrote:

> Folks,
> 
> I am using the below <AuthBy FILE> directive in my config file to do a 
> Username Check in order to BlackList users whose accounts have been flagged , 
> in this case for DMCA complaints. The syntax of the deny statement in the 
> file called is:
> 
> brian           Auth-Type = Reject              # DMCA Complaint 22269368039 
> added on 1/25/13 DoNot remove jg
> 
> 
>  
> 
> <AuthBy FILE>
>                 NoEAP
>                 AcceptIfMissing
>                 Filename /etc/radiator/UsernameBlacklist.txt
>         </AuthBy>
> 
> My Question is: I need to  cover cases where a user changes the case of their 
> login, eg in the above case the user used "Brian" instead of "brian" and got 
> authenticated.
> 
> What is the best way to cover this situation,  eg lowercase all logins.  I 
> found  RewriteUsername         tr/A-Z/a-z/  as possibly one example to add to 
> the config file ?
> 
> 
> Thanks    -john
> 
> -- 
> 
> John Goubeaux
> Systems Administrator
> Gevirtz Graduate School of Education
> UC Santa Barbara
> Education 4203C
> 805 893-8190
> _______________________________________________
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. 
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to