Hello Christian -
Maybe something like this:
…..
<Handler …..>
AuthByPolicy ContinueWhileIgnore
<AuthBy GROUP>
AuthByPolicy ContinueUntilAccept
<AuthBy RADMIN>
…..
</AuthBy>
<AuthBy LDAP2>
…..
</AuthBy>
</AuthBy>
<AuthBy INTERNAL>
…..
</AuthBy>
</Handler>
…..
regards
Hugh
> On 18 Jan 2019, at 22:21, Christian Meutes <[email protected]> wrote:
>
> Hello,
>
> I'am a bit stuck on implementing the following logic:
>
> (1) First AuthBy/Backend (Radmin/SQL): If user found either 'Accept'
> or 'Reject' depending on check-item result. If user is not found, try
> out the second backend.
>
> (2) Second AuthBy/Backend (LDAP): If user found then 'Accept' or do
> 'Reject' if not found.
>
> Using 'AuthByPolicy ContinueWhileIgnore', while a third 'AuthBy
> INTERNAL' makes sure to 'Accept' in case the backends before failed,
> thus delivered 'Ignores' and did fall through.
>
> I wonder how to implement the first 'AuthBy', there is
> 'AcceptIfMissing', but there is no 'IgnoreIfMissing'.
>
> AuthGeneric.pm seems the place to patch this in, but I'm pretty sure
> that I just miss the right knobs or a proper policy(-design), or not?
>
> Apparently I need some inspiration, anyone? :-)
>
> Thanks!
> --
> Christian
> _______________________________________________
> radiator mailing list
> [email protected]
> https://lists.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
[email protected]
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
[email protected]
https://lists.open.com.au/mailman/listinfo/radiator
