(RADIATOR) AuthBy FILE to return REJECT?
Hi,
We've set up our Realm as follows:
Realm
AuthByPolicyContinueUntilAccept
AuthBy FILE
/AuthBy
AuthBy MYAUTH
Fork
... {some specific attribs}
/AuthBy
/Realm
The idea is that if the user is not found in %D/users, AuthFILE would
return Reject and Radiator would look to AuthMYAUTH for authentication.
This works fine. However, we would like AuthMYAUTH to handle Accounting
for both cases. Unfortunately, AuthFILE's default behavior for
Authentication is that it "ignores (but replies to) accounting requests".
Is there any way to achieve what we want without having to modify
AuthFILE.pm?
L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,-
LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / /
L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / /
L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-'
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy FILE to return REJECT?
Hi Richi,
AuthBy FILE should ACCEPT all accounting requests (thats what makes Radiator
issue an acknowledgement when you just have AuthBy FILE). When we say "it
ignores" we just mean that it doesnt actually log the information.
Therefore, I would expect your example code to work, and it should always go on
to MYAUTH for accounting.
Cheers.
On Jun 3, 11:04pm, Richi Plana wrote:
Subject: (RADIATOR) AuthBy FILE to return REJECT?
Hi,
We've set up our Realm as follows:
Realm
AuthByPolicyContinueUntilAccept
AuthBy FILE
/AuthBy
AuthBy MYAUTH
Fork
... {some specific attribs}
/AuthBy
/Realm
The idea is that if the user is not found in %D/users, AuthFILE would
return Reject and Radiator would look to AuthMYAUTH for authentication.
This works fine. However, we would like AuthMYAUTH to handle Accounting
for both cases. Unfortunately, AuthFILE's default behavior for
Authentication is that it "ignores (but replies to) accounting requests".
Is there any way to achieve what we want without having to modify
AuthFILE.pm?
L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,-
LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / /
L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / /
L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-'
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
-- End of excerpt from Richi Plana
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy FILE to return REJECT?
Hi, Mike.
On Fri, 4 Jun 1999, Mike McCauley wrote:
|o| AuthBy FILE should ACCEPT all accounting requests (thats what
|o| makes Radiator issue an acknowledgement when you just have AuthBy
|o| FILE). When we say "it ignores" we just mean that it doesnt
|o| actually log the information.
|o|
|o| Therefore, I would expect your example code to work, and it should
|o| always go on to MYAUTH for accounting.
Actually, we're expecting that in the case of Authentication, it would NOT
go to MYAUTH because FILE returns with an ACCEPT and we've set the
AuthByPolicy to ContinueUntilAccept. In fact, that's what exactly happens.
When tracing the result, Accounting stops at Radius::AuthFILE and doesn't
go on the Radius::AuthMYAUTH.
|o| Realm
|o|AuthByPolicyContinueUntilAccept
|o|AuthBy FILE
|o|/AuthBy
|o|AuthBy MYAUTH
|o|Fork
|o|... {some specific attribs}
|o|/AuthBy
|o| /Realm
L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,-
LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / /
L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / /
L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-'
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
