-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arran Cudbard-Bell wrote: > Hi, >>> No. You should be running through your authorisation policies >>> on session resumption. All policies should be moved to the >>> post-auth section of the outer server. >>> >> but only the inner server knows the real id etc ? >> > Yes, so have it tell the outer server... Insert the (attached) > snippet into the authorize section of the inner server. * at the bottom of the authorize section of the inner server. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkoVIFQACgkQcaklux5oVKK33wCfdq4CkOvX7PAGwhL56KSLcyTk 3qoAn2HcsVUpaFZpQJmhd4VB28eCdyRi =utZd -----END PGP SIGNATURE----- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
