On 1/27/2011 1:14 PM, Alan Buxey wrote:
> you are authenticating...and then rejecting in the post-auth
> stage. you really need to break the process in the authentication
> stage.
Thanks. That's actually my goal. But unlang isn't allowed in
authenticate{}, and my attempts to sneak it into the authentication
phase via the tls{} section in eap.conf didn't seem to work.
Any other ways to do it?
I'd thought of using rlm_perl, but couldn't see that the cert fields are
passed to the module.
Thanks,
-Matt
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
