Alan DeKok wrote:
> Phil Mayers wrote:
>> How about a config item like so:
>> username     Pap-Auth-DelegateTo := "moduleinstancename"
>> and make rlm_pap the ONLY valid option in authorize/authenticate.
>> rlm_pap, when called in authenticate, checks if the config item is set. 
>> If so, it finds the given module instance and passes the authenticate 
>> request to it.
>   Hmm... I'm not so sure.

Well, just a thought.

>> Many of the "oracles" (nice name) need little or no code to be executed 
>> in authorize. LDAP is about the only one I can think of.
>   Yes.  But even with LDAP, you can configure LDAP bind without doing
> user lookups in LDAP.
>   I'll think about it some more.  A good solution is difficult to come
> up with.


>> I could see this having real use in other situations - it would obviate 
>> the need for Autz-Type in some "merger" situations.
>   I'm not sure what you mean by that.

Ignore that. I meant "Auth-Type".
List info/subscribe/unsubscribe? See

Reply via email to