On 19/09/11 11:10, Lorenzo Milesi wrote:
hi. can I make a configuration where I have a radius server which authenticates over an external radius (basically a proxy), but caches the successful logins, so that known users won't get asked upstream (at least for a certain time)?
If the authentication protocol is PAP, yes. You would need to use the post-auth section to create some kind of cache entry, and check it on future requests. But it's a bad idea.
For any other authentication protocol (CHAP, EAP), no.
I don't want to replicate the backend database.
Just replicate it. It'll be far easier than trying to hack something up. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
