Hello, Sorry for being slow to answer this! This is exactly the functionality I wished for. One thing thou. Is it possible to modify the 24 hour limit to follow "AuthorizationTimeout" clause instead of a static value ?
What's the word from OSC ? is it possible that this could find its way into a patchset or next release ? Or does it break something unforeseen ? Mvh, Patrik Forsberg From: [email protected] [mailto:[email protected]] On Behalf Of Jason Griffith Sent: Wednesday, May 30, 2012 8:45 PM To: [email protected] Subject: [RADIATOR] TACACS Authorisation sessions across reloads in 4.9 Hello, I've recently been toying with Radiator 4.9 as we are planning on upgrading from 4.5 and have come across this TACACS+ session issue where command authorisations fail after Radiator is reloaded even when the session is saved to the temporary TACACS sessions file. I could not get this to function correctly with standard configuration listed in the manual. As I can't compromise on the frequency of Radiator reloads due to our integration with other upstream systems, I instead modified the Radius/ServerTACACSPLUS.pm file (see attached). I've done a couple of things here - move the check for a valid context to after the point where the temporary file is read; and also added a timestamp to the session file so that any sessions older than 24 hours will not authorise. My initial testing of this is positive and I have not come across anything unexpected. My question to the group is - are there any side effects to this of which I may not be aware of or any other features that I'm not using right now that may be broken? Being only familiar with the features we use and our other customisations I thought it best to throw this out there. Thanks for any feed back. Jason Griffith
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
