Hello Valentin -
On Thursday 01 February 2001 06:47, Valentin Tumarkin wrote:
> Hi,
>
> Is it possible to pass an intermediate variables between consecutively
> executed AuthBy modules (AuthLDAPSDK mostly) ?
>
> I'm working on a configuration where:
>
> (listed in the order of execution)
>
> 1) AuthLDAPSDK finds a user and optionally gets Auth-Type and group
> membership (group name) attributes
>
> 2) AuthLDAPSDK (wrapped in AuthBy GROUP, named by Auth-Type) is called to
> get portlimit attribute
>
> 3) PORTLIMITCHECK is used to check port limitation for the group
> (i guess i'll have to patch it to do special formatting on the
> SessionLimit parameter..)
>
> This could be done by putting temporary things in Reply Packet, however
> the problem is that AuthLDAPSDK's findUser does not get the pointer
> to reply packet parameter when it is called.
>
You are almost always better off using the request packet as a scratchpad
area to store temporary values, that way you don't have to clean up the
packet before sending it either.
BTW - it is usually a better idea to identify your groups by
Called-Station-Id, by NAS or by Realm (or whatever) and do the AuthBy
PORTLIMITCHECK first. You might also consider writing a simple PreAuthHook to
do the setup before calling the AuthBy PORTLIMITCHECK and a single AuthBy
LDAPSDK.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
