but i want to DO authentication by an external program.
from the doc it seems that you can only run an external program
when a user is authenticated.
am i right or there are other ways to do this?
thanks,
Payam Shabanian
On Sat, 30 Oct 2004 11:26:55 -0400 (EDT), Dustin Doris
[EMAIL PROTECTED] wrote:
Look into the doc directory.
README tells you about Exec-Program and Exec-Program-Wait you can put into
the users file.
variables.txt shows the variables that you can pass to it. Pay attention
to the line with printenv /tmp/exec-program-wait. That will show you
the variables that are actually being passed, very helpful!
In raddb directory
radiusd.conf look for the exec echo section. You can call an external
program using that as well.
Here is an example script I am testing.
#!/usr/local/bin/bash
if [ -z $FRAMED_IP_ADDRESS ]
then
exit 1
else
exit 0
fi
I am looking to see if there is a Framed-IP-Address in the reply values.
if not, I reject them.
I load it in radiusd.conf with
exec reply_check {
wait = yes
program = /usr/local/etc/raddb/reply.sh
input_pairs = reply
output_pairs = reply
packet_type = Access-Accept
}
and then execute it in the post-auth section
post-auth {
reply_check
}
Hope that is helpful.
-Dusty Doris
On Sat, 30 Oct 2004, Payam Shabanian wrote:
hi,
does anybody know:
how to authenticate, Authorize, and do accounting on users
with an external program?
thanks
Payam Shabanian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
