[RADIATOR] AuthBy DUO - Identifier clause issue?

Hugh Irvine hugh at open.com.au
Thu Feb 9 06:44:36 UTC 2023 

Hi again -

When dealing with complex configuration files, Include is your friend.

I generally define all of my Client clauses in one file, all of my AuthBy’s in another file, etc.

I put the Include’s at the beginning of the configuration file and really only have the Handler’s there.

It makes it *much* more readable and understandable.

You can use GlobalVar’s as well for things like DBSource and so on.

Tricks for advanced players.

regards

Hugh


> On 9 Feb 2023, at 16:07, Garret Peirce <peirce at maine.edu> wrote:
> 
> Hah, yes, that was it. The config is sizeable and skipping up/down through it, I just overlooked that simple mistake.
> Thanks Hugh.
> 
> 
> On Wed, Feb 8, 2023 at 9:46 PM Hugh Irvine <hugh at irvine.com.au> wrote:
> 
> Hello Garret -
> 
> I may be stating the obvious, but the AuthBy DUO clause with the Identifier must be defined in the configuration file before you reference it.
> 
> Ie.
> 
> …..
> 
> <AuthBy DUO>
>         Identifier Auth-DUO
>         …..
> </AuthBy>
> 
> …..
> 
> <AuthBy GROUP>
>         Identifier Auth-Group1
>         AuthBy Auth-File        
>         AuthBy Auth-DUO
>         ....
> </AuthBy>
> 
> …..
> 
> <Handler Realm = “Example”,Service-Type = /NAS-Prompt-User|Login-User/>
>      AuthBy     Auth-Group1
> </Handler>
> 
> 
> The configuration file parser is single pass so Identifier’s must be defined before they are referenced.
> 
> Let us know if that is the issue.
> 
> regards
> 
> Hugh
> 
> 
> > On 9 Feb 2023, at 10:58, Garret Peirce via radiator <radiator at lists.open.com.au> wrote:
> > 
> > Hi,
> > I'm attempting to begin working with AuthBy Duo and I seem to be seeing that the 'Identifier' parameter is not working. I was curious if anyone might confirm/deny this behavior.
> > 
> > I've checked for typos and deleted/recreated/renamed it etc, but the server always notes a warning.
> > Ex. WARNING: Could not find AuthBy clause with Identifier Auth-DUO
> > 
> > I use numerous Identifiers and it only doesn't work and is alarmed under the AuthBy DUO method.  I can place all within Auth-Group1, but it seemed like a bug, so thought I'd inquire about it.
> > 
> > I'm running Radiator version 4.27.
> > 
> > 
> > ==== example ======
> > 
> > <Handler Realm = "Example",Service-Type = /NAS-Prompt-User|Login-User/>
> >      AuthBy     Auth-Group1
> > </Handler>
> > 
> > 
> > <AuthBy GROUP>
> >         Identifier Auth-Group1
> >         AuthBy Auth-File
> >         AuthBy Auth-DUO
> >         ....
> > </AuthBy>
> > 
> > 
> > <AuthBy DUO>
> >         Identifier Auth-DUO
> >         ...
> > </AuthBy>
> > 
> > 
> > -- 
> > Garry Peirce
> > Networkmaine, University of Maine System US:IT
> > _______________________________________________
> > radiator mailing list
> > radiator at lists.open.com.au
> > https://lists.open.com.au/mailman/listinfo/radiator
> 
> 
> 
> 
> -- 
> Garry Peirce
> Networkmaine, University of Maine System US:IT




--

Hugh Irvine
hugh at open.com.au <mailto:hugh at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.

More information about the radiator mailing list