Hello Ken -
I would have thought that your regexp should be looking for numerics:
<Handler User-Name = /^\d......$/>
(where ...... is the rest of the regexp to match only digits)
I'm travelling at the moment and don't have access to my Camel book,
so I suggest you check your copy and do some experiments.
hth
Hugh
At 12:44 +1000 01/4/1, Ken Kirkby wrote:
>Hello Hugh,
>
>I am trying to implement a handler for strictly numeric logins without
>domain,
>as distinct from our alphanumeric logins, which have default domains.
>We have default domains defined on the clients as either nobbys.net.au
>or
>terrigal.net.au. depending on the client location. I cant seem to get a
>regex expression
>working which matches on a numeric login and an appended alpha domain.
>
># define an AuthBy GROUP to do both checks
><AuthBy GROUP>
> Identifier CheckPassword
> AuthByPolicy ContinueUntilAccept
> AuthBy CheckClearTextPassword
> AuthBy CheckEncryptedPassword
></AuthBy>
>
># Handler for only numeric login
># If unsucessful then logins should fall through to the Realm Handlers.
>#<Handler User-Name = /^(?!A-Za-z-_@)/>
># Strip what ever domain we appended at the NAS
># RewriteUsername s/^([^@]+).*/$1/
># RejectHasReason
># <AuthBy RADIUS>
># Identifier xxxxx
># Host 202.xxx.xxx.33,202.xxx.xxx.34
># Secret xxxxxxxxxxxx
># AuthPort 1645
># AcctPort 1646
># RetryTimeout 10
># </AuthBy>
>#</Handler>
>#
># Now on to realm handlers
># Used for handling requests with realms (sec 6.12)
><Handler Realm = /(nobbys.net.au|nobbys.net|nobbys)/i>
> RejectHasReason
>#Strip the realm from all requests for nobbys.net.au realms
> RewriteUsername s/^([^@]+).*/$1/
> RewriteUsername tr/A-Z/a-z/
># Log accounting for this realm to the following file in LogDir (sec
>6.13.4)
> AcctLogFileName %L/account.%Y%m%d
>#
>Set the number of simultaneous sessions allowed for users in this realm
># (sec 6.13.3)
> MaxSessions 1
># File that records all authentication attempts for this realm (sec
>6.13.7)
> PasswordLogFileName %L/password.%Y%m%d
> AuthBy CheckPassword
>
>#</Handler
>
>As it stands it picks the domains, and and the numeric servers block
>alpha usernames
>
>>
>> Hello Elias -
>>
>> At 13:12 +0700 28/3/31, Elias wrote:
>>
>> Hi,
>>
>>
>>
>> Is there a way to detect login prefixes with radiator? I
>> want to detect logins such as [EMAIL PROTECTED]
>> [prefix/login@domain] and proxy the request to another
>> radius server. Can this be done? Thanks.
>>
>>
>>
>>
>>
>> This is very easily done with Handlers and Perl regexp's:
>>
>> # configure AuthBy RADIUS clause for proxy
>>
>> <AuthBy RADIUS>
>> Identifier ProxyTo....
>> .....
>> </AuthBy>
>>
>> # special Handler for prefix and proxy
>> # where "prefix" is the string you want to match
>>
>> <Handler User-Name = /^prefix...../>
>> RewriteUsername ......
>> AuthBy ProxyTo....
>> </Handler>
>>
>> You will need to consult the Camel book (Perl reference) for the exact
>> syntax of the regexp for what you want to do.
>>
>> hth
>>
>> Hugh
>>
>Your structure there is a little different. Are there reasons to take
>the AuthBy from
>the Handler User-Name?
>
>Thanks Ken
>--
> Ken Kirkby
> PLC Peripherals * Nobbys Net + Terrigal Net
> http://www.plc-peripherals.com
> Real Time Hardware and Software - Cisco Certified Regional ISP.
>PO Box 815 Terrigal NSW 2260 Australia. ph +61 2 4385 2335 fx +61 2
>4385 3720
>
>===
>Archive at http://www.starport.net/~radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
