(RADIATOR) delete_attr('User-Name') in PreClientHook

Toomas Kärner tomkar at estpak.ee
Wed Feb 22 09:26:46 CST 2006 

Hello again...

just an extra..

Even this wont strip it out:
<Client x.x.x.x>
        Secret xxxxx
        NasType unknown
        StripFromRequest User-Name
</Client>
Looks like its time work workarounds....

Probably I'll go for two separate radius processes ... one doing all
the accounting request modifications and next doing real accounting
... this way I can do it in PostAuthHook with ChangeUserName().
If you have any ideas that might still work then let me/all know...

Toomas

Wednesday, February 22, 2006, 4:45:36 PM, you wrote:

> Hi Toomas

> when you rewrite the username, the NAS does not know about this, so
> in the accounting requests it sends the mac address again as username.
> one recomendation is to keep track of the MAC and username in a
> sepparate table and rewrite the accounting username based on that table.


> On 2/22/06, Toomas Kärner <tomkar at estpak.ee> wrote:
>  Hi,

> For some reason I'm unable to remove User-Name attribute from incoming
> Acct-Request with PreClientHook:
> sub {
> my $p = ${$_[0]};
> my $mac_username = $p->getUserName;
>     if ($mac_username) {
>          $p->delete_attr('User-Name');
        $p->>add_attr('ETC-Mac',$mac_username);
>         &main::log($main::LOG_DEBUG,"Username attribute with value
> $mac_username stripped and put into ETC-Mac"); 
>     }
> }

> Setup goes like this:
> Redback SE sends it CLIPS accounting :
> *** Received from x.x.x.x port 1812 ....
> Code:       Accounting-Request
> Identifier: 177
> Authentic:  p$<226>!G<226><17><249>81<18>5<202>Ho= 
> Attributes:
>         User-Name = "00:0b:cd:8c:61:ed"
>         Acct-Status-Type = Stop
>         Acct-Session-Id = "0001FFFF780001D3-43140C10"
>         Class = "127828"
>         . 
>         .

> For that NAS, MAC is the user since it does not know any better...
> Now I want to remove this username attribute and with PreClientHook
> and insert a real username based on information from sessionDB like 
> this:
> <AuthBy SQL>
>         Identifier GetDataFromSession
>         DBSource        dbi:mysql:xx:x.x.x.x
>         DBUsername      xxx
>         DBAuth          xxx
>         AuthenticateAccounting
>         AuthSelect      SELECT \ 
>                         username \
>                         from wnsession where \
>                         class_id = '%{Class}'
>         AuthColumnDef   0,      User-Name, request
>         NoDefault
> </AuthBy SQL> 

> But for some reason I still get the MAC later into accounting as the
> username.

> I have some workarounds but I dont like them very much and I got
> interested what I'm doing wrong...

> Rgds.
> Toomas 

> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au 
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.




--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list