(RADIATOR) AuthBy FILE to return REJECT?
Hi, We've set up our Realm as follows: Realm AuthByPolicyContinueUntilAccept AuthBy FILE /AuthBy AuthBy MYAUTH Fork ... {some specific attribs} /AuthBy /Realm The idea is that if the user is not found in %D/users, AuthFILE would return Reject and Radiator would look to AuthMYAUTH for authentication. This works fine. However, we would like AuthMYAUTH to handle Accounting for both cases. Unfortunately, AuthFILE's default behavior for Authentication is that it "ignores (but replies to) accounting requests". Is there any way to achieve what we want without having to modify AuthFILE.pm? L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,- LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / / L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / / L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-' === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy FILE to return REJECT?
Hi Richi, AuthBy FILE should ACCEPT all accounting requests (thats what makes Radiator issue an acknowledgement when you just have AuthBy FILE). When we say "it ignores" we just mean that it doesnt actually log the information. Therefore, I would expect your example code to work, and it should always go on to MYAUTH for accounting. Cheers. On Jun 3, 11:04pm, Richi Plana wrote: Subject: (RADIATOR) AuthBy FILE to return REJECT? Hi, We've set up our Realm as follows: Realm AuthByPolicyContinueUntilAccept AuthBy FILE /AuthBy AuthBy MYAUTH Fork ... {some specific attribs} /AuthBy /Realm The idea is that if the user is not found in %D/users, AuthFILE would return Reject and Radiator would look to AuthMYAUTH for authentication. This works fine. However, we would like AuthMYAUTH to handle Accounting for both cases. Unfortunately, AuthFILE's default behavior for Authentication is that it "ignores (but replies to) accounting requests". Is there any way to achieve what we want without having to modify AuthFILE.pm? L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,- LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / / L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / / L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-' === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- End of excerpt from Richi Plana -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy FILE to return REJECT?
Hi, Mike. On Fri, 4 Jun 1999, Mike McCauley wrote: |o| AuthBy FILE should ACCEPT all accounting requests (thats what |o| makes Radiator issue an acknowledgement when you just have AuthBy |o| FILE). When we say "it ignores" we just mean that it doesnt |o| actually log the information. |o| |o| Therefore, I would expect your example code to work, and it should |o| always go on to MYAUTH for accounting. Actually, we're expecting that in the case of Authentication, it would NOT go to MYAUTH because FILE returns with an ACCEPT and we've set the AuthByPolicy to ContinueUntilAccept. In fact, that's what exactly happens. When tracing the result, Accounting stops at Radius::AuthFILE and doesn't go on the Radius::AuthMYAUTH. |o| Realm |o|AuthByPolicyContinueUntilAccept |o|AuthBy FILE |o|/AuthBy |o|AuthBy MYAUTH |o|Fork |o|... {some specific attribs} |o|/AuthBy |o| /Realm L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,- LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / / L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / / L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-' === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.