Hello Scott -
On Wed, 27 Oct 1999, Scott Adkins wrote:
> Tue Oct 26 00:30:13 1999
> User-Name = "jdoe"
> Budget-Code = "1234 56 7890" <======== New attribute
> User-Flags = "BxRN1xx5" <======== New attribute
> <and so forth>
>
> The budget code will depend on the password they enter. Each username can
> have multiple passwords, with each password tied to different budget codes
> for the purposes of billing. The User-Flags field is used in the billing
> process to help determine the final charge the user will have for that
> particular session (among other things).
>
> The main point I am making here is that the Budget-Code and User-Flags
> attributes indicate the status of that account at that moment in time and
> are subject to change in the password file at any time down the road. The
> next time the user logs in with that same username/password may show a
> different Budget-Code and User-Flags field in the account output.
>
> For this reason, I need to be able to inject these items into the accounting
> stream at the time authentication succeeds. This rules out any pre-hooks
> that Radiator provides. All I really need is the short little blurb to put
> in my Auth module that does what Hugh suggested above.
Right - the best way to do this is to return a "Class" attribute containing
what you describe above in the Access-Accept. This will cause all subsequent
accounting records for this session to contain the Class attribute, which will
be logged automatically with the other accounting data.
The Class attribute is just a string, so it can contain something like this:
Class = "Budget-Code = 1234 56 7890, User-Flags = BxRN1xx5"
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsod
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
