Hello Vangelis - As Tuure shows, his way is much preferable - you really shouldn’t change the Identifier in the Client clause.
Just use the OSC-Client-Identifier in your Handler’s. regards Hugh > On 21 Dec 2017, at 00:05, Vangelis Kyriakakis <[email protected]> wrote: > > Hi Tuure, > > Thanks for the answer. > Actually I have a configuration where a RADIUS server receives some > requests directly from the clients and some other requests through a > proxy RADIUS server from the same clients. > So, at the proxy server I have some Client clauses which categorize > the clients using different Client-Identifiers which are passed to the > final RADIUS server through the OSC-Client-Identifier attribute. > The final RADIUS server has the same Client clauses, plus a clause > for the proxy RADIUS server in which I copy the OSC-Client-Identifier to > Client-Identifier (using a PreHandlerHook), in order to be able to pass > the requests through the same handlers which use the Client-Identifier > as a check item: > > > <Client ...> > # Proxy server as client > PreHandlerHook file:"%D/ProxyClient.pl" > </Client> > > ProxyClient.pl: > sub > { > my $p = ${$_[0]}; > my $client = $p->get_attr('OSC-Client-Identifier'); > $p->{Client}->{Identifier}=$client; > } > > <Client ...> > Identifier Client1 > </Client> > > <Handler Client-Identifier=Client1> > .... > </Handler> > > So I want requests that follow the paths > > Client1->Final RADIUS > > OR > > Client1->proxy RADIUS->Final RADIUS > > to be handled by the above Handler. > > Is this a safe solution? > > Regards > Vangelis > On 20/12/2017 1:35 μμ, Tuure Vartiainen wrote: >> Hi, >> >>> On 20 Dec 2017, at 8.27, Vangelis Kyriakakis <[email protected]> wrote: >>> >>> Is there a way to copy OSC-Client-Identifier which comes from a proxy >>> RADIATOR server to Client-Identifier using a PrehandlerHook at the final >>> RADIATOR server. >>> >> Client-Identifier is Radius::Client object’s Identifier attribute’s value, >> and is accessible through Radius::Radius request object in a following way >> >> $p->{Client}->{Identifier} >> >> You should not assign a value to it as $p->{Client} is a reference to >> Radius::Client object from which the request was received and it would >> overwrite that Client’s Identifier’s value. >> >> If you wan’t to unify usage of OSC-Client-Identifier attribute >> and local Client-Identifier, you could add Client’s Identifier to >> OSC-Client-Identifier attribute if the request does not have one. >> >> E.g. >> >> <Client ...> >> Identifier SomeClient >> >> ... >> >> # Add Client’s Identifier to OSC-Client-Identifier >> # if a request does not have one >> AddToRequestIfNotExist OSC-Client-Identifier=%{Client:Identifier} >> </Client> >> >> ... >> >> <Handler OSC-Client-Identifier=SomeClient> >> ... >> </Handler> >> >> >> BR > > _______________________________________________ > radiator mailing list > [email protected] > http://lists.open.com.au/mailman/listinfo/radiator -- Hugh Irvine [email protected] Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc. Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://lists.open.com.au/mailman/listinfo/radiator
