Hello List, I've got a problem. I have a list of many clients, each with a unique secret. But all of them should authenticate against the same SQL-database. I want to avoid any other client than known to me being able to authenticate with my Radiator (v 2.19). Sadly I have only the IP addresses of that clients.
If I insert them all in a DB-table and use a <ClientListSQL> statement like this: <ClientListSQL> DBSource dbi:mysql:<db>:<host>:<port> DBUsername <dbusername> DBAuth <dbpassword> Identifier Example GetClientQuery select NASIDENTIFIER,SECRET from RADCLIENTLIST </ClientListSQL> And use an <Handler> statement like this: <Handler Request-Type=Access-Request,Client-Identifier=Example> MaxSessions 1 RejectHasReason UsernameCharset a-zA-Z0-9\.-_@\#\% RewriteUsername s/^([^@]+).*?/$1/ <AuthBy SQL> <some stuff that works> </AuthBy> </Handler> plus a default Handler <Handler> </Handler> How do I bring Radiator to set 'Client-Identifier' to 'Example' if the NAS-IP-Address is listed in the table 'RADCLIENTLIST'??? I've tested it with the 'radpwtst' tool, even in GUI variant and inserted an entry in the table with 'NASIDENTIFIER=127.0.0.1' and correct secret. 'radpwtst' is connection the Radiator at localhost. The Request is rejected because it is handled by the default handler. I don't know the NAS-Identifier-String, only the IP-Addresses. Is it possible to have them all handled this way or do I need to insert dozens of <Client 'IP-Address-01'> Secret whatever </Client> <Client 'IP-Address-02'> Secret somethingotherthanfirst </Client> and a <Client DEFAULT> Secret youneverguessthis </Client> just to be sure _only_ this clients be able to auth? I mean, even the 'youneverguess' secret can be guessed and this way additional clients could auth ... There must be a more simple way, or am I wrong? Thx for answering in advance -- Best regards, Peter mailto:[EMAIL PROTECTED] === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.