"Michael S. McCollough" <[EMAIL PROTECTED]> wrote:
> It is my understanding that when
>
> Something.com LOCAL
>
> Is in the realms file, when an username of [EMAIL PROTECTED] is sent to the
> radius server it will lookup something.com in the realms file and pass "me"
> as a username to authenticate.
Yes, sort of.
Problem 1: The realm comparison is case sensitive.
"Something.com" != "something.com"
Problem 2: The User-Name in the password is NOT modified.
Instead, a new attribute Stripped-User-Name is added,
with the realm stripped off.
So in the 'users' file, you can do:
[EMAIL PROTECTED] Auth-Type := Local, User-Password == "me"
Reply-Message = "Hello, me!"
And it will work, for "[EMAIL PROTECTED]", in realm "something.com"
Or, you can do:
DEFAULT Stripped-User-Name == "me", Auth-Type := Local, User-Password == "me"
Reply-Message = "Hello, me!"
And that will work, too.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
