----- Forwarded message from Andrew Niven <[EMAIL PROTECTED]> -----
From: "Andrew Niven" <[EMAIL PROTECTED]>
To: "Cameron Andrews" <[EMAIL PROTECTED]>
Subject: How to use AuthBy External
Date: Tue, 23 Jan 2001 09:07:42 +1000
Greetings,
Further to the enquiry made by Cameron Andrews Fri, 19 Jan 2001.
We are running Radiator 2.17.1 on a Redhat system and attempting
to use Sybase Adaptive Server Anywhere 7.0.0.477.
The problem is the using DBD ASAny 1.10 downloaded from the CPAN site
causes the database to go into a locked state. That is connections
are created but Time Out in radiator before we can processs them.
To test the system an external program was written to pump the
Authby Query, and the accounting queries into the database as fast
as it could. This caused no problems and we could validate approx 10
per second on an unloaded system and 4 per second on a loaded system.
This lead to the solution that we could use the <AuthBy External> as follows
to process the Accounting-Request and the Access-Request.
<AuthBy EXTERNAL>
Command /database/SybaseAuth %T '%n' '%{Acct-Status-Type}'
'%{Acct-Input-Octets}' '%{Acct-Output-Octets}' '%{Acct-
Session-Id}'
'%{NAS-IP-Address}' '%{NAS-Port}' '%{Framed-IP-Address}'
</AuthBy>
This correctly calls the external program which sucessfully queries the DB
and returns the correct values.
User-Password = jvkXt9VbBTk8c
Expiration = Jan 27 2001
Framed-Group = 2
Session-Timeout = 28352
Simultaneous-Use = 1
The problem I am having is that the original authby was as follows
<AuthBy SQL>
FailureBackoffTime 10
DBSource DBI:ASAny:
DBUsername <removed>
DBAuth <removed>
AuthSelect select ctrl_loginpassword(loginname),String('Expiration =
',DateFormat(AccountExpire, 'Mmm dd yyyy')), if IPNumber=''
then
String('Framed-Group = ', GetIpGroup(accTypeID)) else String('Framed-IP-
Address = ', IPNUMBER) endif, String('Session-Timeout = ',
CTRL_AuthTime(loginName)), String ('Simultaneous-Use = ',
SimultaneousCon), CheckAttrib, ReplyAttrib from Accounts where
loginName='%n' and STATUS='A' AND (NASLOCK = '%N' OR NASLOCK IS NULL);
AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, Expiration, check
AuthColumnDef 2, GENERIC, reply
AuthColumnDef 3, GENERIC, reply
AuthColumnDef 4, GENERIC, check
AuthColumnDef 5, GENERIC, check
AuthColumnDef 6, GENERIC, reply
AddToReply
Service-Type=Framed-User,Framed-Protocol=PPP,Framed-Routing=Broadcast-Listen
,Framed-MTU=552
AcctSQLStatement Select CTRL_AccountingRecord('%n', '%{Acct-Status-Type}',
'%{Acct-Input-Octets}', '%{Acct-Output- Octets}', '%{Acct-Session-Id}',
'%{NAS-IP-Address}', '%{NAS-Port}', '%{Framed-IP-Address}') from Dummy
</AuthBy>
Radius checked the the password, expiration, Simultaneous-Use and the
CheckAttribute using the AuthColumnDef.
Do I have to check these myself in the External program. Or is there some
way that I can get Radius to check them.
----- End forwarded message -----
--
Regards,
Cameron Andrews
System Administration
Australian National Research
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
