Hello, We need to keep authentication failure information in our database. This can of course be done with <AuthLog SQL>.
To make it simple, let's say that we have to handle things like an account status (Active or Blocked) in the authentication process. This can be easily done by : AuthSelect select ... from ACCOUNT where USERNAME=%0 and STATUS = 'Active' But if someone with correct Usr/Psw but blocked RADIUS account tries to connect, it will of course result in the "No such user" failure message instead of some dedicated failure message such as "Account Blocked". We could handle the Account Status check using check items and AddToRequest parameter instead of using AuthSelect and then get "dedicated" failure messages, but for other cases it is not that simple. Ex.: - For one account (usr/psw), multiple service subscriptions based on the NAS-Port-Type attribute of the Access-Request and resulting in different reply attributes. - Accounts should be bound to several Access Servers (RADIUS clients). We can handle this with proper data model and AuthSelect parameter but we need dedicated authentication failure messages (ex : "No subscription for this service" and "Not allowed from this NAS") in case of correct Usr/Psw. I don't know much about PostAuthHook but I guess it may be the solution. Any suggestions ? Regards. Geoffrey === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
