Re: Proxying based on a regex

Mon, 25 Jul 2011 13:41:08 -0700 

The desired end result is for the end users to not have to type in the realm. 
The users would just type in their IDs. We have 2 campuses, and one campus uses 
a standard "license plate" format for the IDs - i.e. aa0000. The other campus 
uses a first initial followed by the last name i.e. jsmith. My regex correctly 
determines the type of ID, I'm just trying to figure out how to forward them to 
the correct realm based just on the ID. In my example, the <REGEX> looks for 
the aa0000 format, if not found I'd like to proxy the request to one realm, and 
if found, it can be handled by the local server.

On Jul 25, 2011, at 4:20 PM, Sallee, Stephen (Jake) wrote:

> We did this through our realms see code:
> 
> In your proxy.conf
> 
> realm "~.*umhb\\.edu$" {
> #### some code here###
> ###usually the virtual server you want to proxy them to###
> }
> 
> If I am understanding your question right that should do it, but others may 
> have a better way .. or I could be on crack ...
> 
> 
> -----Original Message-----
> From: freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org 
> [mailto:freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org] 
> On Behalf Of Charles Plater
> Sent: Monday, July 25, 2011 3:05 PM
> To: [email protected]
> Subject: Proxying based on a regex
> 
> I'm trying to configure our FreeRadius (2.1.9) server to proxy based on the 
> format of the ID. I have a working regex that determines the domain to which 
> the request should be sent, but I'm having a hard time figuring out the 
> syntax of the proxy statement. Here's what I've tried:
> 
> if (User-Name !~ <REGEX>) {
>       proxy: domain.name
> else {
>       proxy: LOCAL
>       }
> }
> 
> FWIW, I can successfully authenticate do the "domain.name" realm by using 
> [email protected].
> 
> Can anyone offer any suggestions? Thanks in advance.
> -- 
> Charles Plater
> Lead Application Technical Analyst
> Internet Services
> +1-313-577-4620
> [email protected]
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-- 
Charles Plater
Lead Application Technical Analyst
Internet Services
+1-313-577-4620
[email protected]


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to