To: <[email protected]>
Sent: Thursday, January 06, 2005 12:07 PM
Subject: Re: [radius] Re: WISPr Attributes and freeradius
Nick Marino wrote:WISPr-Session-Terminate-Time 14122, 9 String X
The time when the user should be disconnected in ISO 8601 format (YYYY-MM-DDThh:mm:ssTZD). If TZD is not specified local time is assumed. For example a disconnect on 18 December 2001 at 7:00 PM UTC would be specified as 2001-12-18T19:00:00+00:00.
So it's not specified how it should be implemented.
Suppose you send an Access-Accept with this attribute containing a timestamp in the past, then the NAS may decide one of the following things:
- the user is accepted, so start his session and whenever this timestamp comes (which is never) I will disconnect him
- the user is accepted, so start his session and disconnect his session immediately since the timestamp is in the past
- the user is accepted, but should be disconnected at a timestamp in the past, so i'm not going to start the session at all
Now at the radiusserver side, you can think like this:
- I don't look at the value and just send it with the Access-Accept packet (so leave the decision up to the NAS)
- I look at the value and send an Access-Reject packet if the timestamp is in the past (so the NAS doesn't have to bother), if it's in the future, I send an Access-Accept and the NAS has to take care to logout the user at the specified timestamp
I have implemented my radiusserver in such a way that this attribute will only be used with timestamps in the future. If it's in the past, my server sends an Access-Reject, so I'm sure that the user is not able to login anymore no matter what the NAS would have decided.
Ok then how did you implement your server to work like that?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
