I want to implement a setup where FreeRADIUS uses LDAP as the primary authentication back-end. However, if an LDAP attribute named radiusProxy (or similar) is returned, I want to proxy the request to the host found described in that attribute. If that proxy request fails, FreeRADIUS should emit Access-Reject. Only if both the LDAP request /and/ the proxy request succeeds (or if the radiusProxy attribute isn't set in LDAP), should the result be Access-Accept.
I didn't see any obvious way of achieving this, so I thought I'd ask here before I went source-diving - has anyone any clever suggestions for me? Thanks, -- Tore Anderson - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
