Hello Alex -
On Fri, 4 Jan 2002 08:40, Alex Fritz wrote: > Hey guys, > This is going to be a strange one. The company we are setting up a > radius server for has to have the ability to do a sort of dynamic > authentication. Let's say they have a user from [EMAIL PROTECTED] and they > want to do AuthBy SQL authentication, but if the person doesn't exist in > the database then they should be passed through to another server. They > shouldn't be passed through if they fail authentication. > You should be able to do this with an AuthByPolicy of ContinueWhileAccept, something like this: # define AuthBy SQL <AuthBy SQL> Identifier CheckDatabase ..... NoDefaultIfFound ..... </AuthBy> # define AuthBy RADIUS <AuthBy RADIUS> Identifier ForwardToProxy ...... </AuthBy> # define Handlers <Handler User-Name = /^prefix\-/, Realm = domain.com> AuthBy ForwardToProxy ..... </Handler> <Handler Realm = domain.com> AuthByPolicy ContinueWhileAccept AuthBy CheckDatabase AuthBy ForwardToProxy ..... </Handler> You will also need an entry in the SQL database for a DEFAULT user: DEFAULT Auth-Type = Accept > They also need the capability to do want they call "Prefix Realms." If a > user is > [EMAIL PROTECTED] then he should be passed through and [EMAIL PROTECTED] > shouldn't be. > See the example above. > I have a feeling that with these there will need to be either some sort of > custom AuthBy module or a Hook. If that is correct, then let me know, but > what would be really helpful would be if somebody already has a script that > will do this or even something similiar. Thanks for you time. It's really > appreciated. > You shouldn't need any custom code with the above configuration. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.