(RADIATOR) multipul authby's in one realm.
Title: multipul authby's in one realm. Is there away to do this? We are migrating from a flatfile auth system, to a hacked version of AuthBySQL.pm, called AuthbyQIP. Now we need to keep authenticating people off of the flat file, while also authenticating new people off the sql database. Is there a way to do this? Here's what I'm thinking, it doesn't work, but I think it better illustrates what I'm trying to do... Realm flashcom.net AuthBy FILE Filename ./users.test AddToReply Filter-Id = flashcommail /AuthBy else AuthBy QIP DBSource dbi:Oracle: DBUsername x DBAuth x AuthSelect select value from user. /AuthBy /Realm Make sence? Is it possible? Blake Golliher Network Engineer Flashcom, Inc. Tel. 877-352-7426 ex 2599 DID. 714-799-2599 Page 888-635-0153 Ever dance with a cherub in the broad daylight?
Re: (RADIATOR) multipul authby's in one realm.
Title: multipul authby's in one realm. Is there away to do this? We are migrating from a flatfile auth system, to a hacked version of AuthBySQL.pm, called AuthbyQIP. Now we need to keep authenticating people off of the flat file, while also authenticating new people off the sql database. Is there a way to do this? Here's what I'm thinking, it doesn't work, but I think it better illustrates what I'm trying to do... This is explained pretry well in the AuthBy secions of the Handlers documentaion. http://www.open.com.au/radiator/ref.html 6.15.15 AuthBy This specifies that the Handler is to be authenticated with an AuthBy clause that is defined elsewhere. The argument must specify the Identifier of the AuthBy clause to use. The AuthBy clause may be defined anywhere else: at the top level, or in a Realm or Handler clause. You can have as many AuthBy parameters as you wish. They will be used in the order that they appear in the configuration file (subject to AuthByPolicy) in the same way as AuthBy clauses. -- So according to this, you can place multiple AuthBy types in the same handler or realm block, and the way its parsed is controlled by the AuthByPolicy setting. Looks like you'd perhaps want a ContinueWhileReject type, so you'll only enter the 2nd AuthBy if the first one didnt get them in, and not bother if they got authenticated by the first method. -- 6.21.1 AuthByPolicy This parameter allows you to control the behaviour of multiple AuthBy clauses inside this AuthBy GROUP. In particular, it allows you to specify under what conditions Radiator will try the next AuthBy clause. If you only have one AuthBy clause, AuthByPolicy is not relevant and is ignored. Recall that for a single Realm, Handler or AuthBy GROUP, you can specify more than one AuthBy clause. The normal behaviour of Radiator is to try to authenticate with the first one. If that authentication method either Accepts or Rejects the request, then Radiator will immediately send a reply to the NAS. If on the other hand the AuthBy Ignores the request, then the next one will be tried. That is the normal and default behaviour, but with AuthByPolicy, you can change it. The permissible values of AuthByPolicy are: ContinueWhileIgnore This is the default. Continue trying to authenticate until either Accept or Reject ContinueUntilIgnore Continue trying to authenticate until Ignore ContinueWhileAccept Continue trying to authenticate as long as it is Accepted ContinueUntilAccept Continue trying to authenticate until it is Accepted ContinueWhileReject Continue trying to authenticate as long as it is Rejected ContinueUntilReject Continue trying to authenticate until it is Rejected anything else Always do every authentication method. Returns the result of the last one.
Re: (RADIATOR) multipul authby's in one realm.
Hello Blake - At 11:03 -0800 31/10/00, Blake Golliher wrote: Is there away to do this? We are migrating from a flatfile auth system, to a hacked version of AuthBySQL.pm, called AuthbyQIP. Now we need to keep authenticating people off of the flat file, while also authenticating new people off the sql database. Is there a way to do this? Here's what I'm thinking, it doesn't work, but I think it better illustrates what I'm trying to do... Realm flashcom.net AuthBy FILE Filename ./users.test AddToReply Filter-Id = flashcommail /AuthBy else AuthBy QIP DBSource dbi:Oracle: DBUsername x DBAuth x AuthSelect select value from user. /AuthBy /Realm You just need to add an AuthByPolicy to your configuration: Realm flashcom.net AuthByPolicy ContinueUntilAccept . /Realm hth Hugh -- -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
