(RADIATOR) Global attributes

Cliff Cole ccole at innerx.net
Mon Aug 20 10:40:01 CDT 2001


Hello,
    I have this configuration working some what.  I will paste my config for
reference, maybe it'll help figure out how exactly to do what I need it to
do.

#config start
<Realm test.com>
     AuthByPolicy ContinueUntilIgnore
        <AuthBy SQL>
        DBSource        dbi:mysql:level3
        DBUsername      root
        DBAuth          eamide2
        RewriteUsername s/^([^@]+).*/$1/
        AuthSelect select PASSWORD, REPLYATTR, REPLYATTR2 from SUBSCRIBERS
WHERE USERNAME = '%n'

        AuthColumnDef 0, User-Password, check
        AuthColumnDef 1, GENERIC, check
        AuthColumnDef 2, GENERIC, reply
        AuthColumnDef 3, GENERIC, reply

      </AuthBy>
      <AuthBy RADIUS>
        Host 12.34.56.78
        Secret test
        </AuthBy>
</Realm>
#eo config

What I need this to do.  First it will check to see if it is in the
database.  Anything that will be in the database I want to automatically get
rejected because these will be customers that have overages.  If they are
not in the database, I would like to go to then next radius server for
authentication.  I have tried a number of ContinueWhile* or ContinueUntil*.
None of these seem to do the trick.  If there is any other way to make this
work? I'm kind of stuck on the situation.

Thanks,
Cliff Cole
----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: "Cliff Cole" <ccole at innerx.net>; <radiator at open.com.au>
Sent: Tuesday, August 14, 2001 7:32 PM
Subject: Re: (RADIATOR) Global attributes


>
> Hello Cliff -
>
> This is very easy to configure - something like this:
>
> # define AuthBy clauses
>
> <AuthBy SQL>
> Identifier CheckSQL
> .....
> </AuthBy>
>
> <AuthBy RADIUS>
> Identifier CheckAnotherRadiusServer
> .....
> </AuthBy>
>
> # define Realms or Handlers
>
> <Handler ...>
> AuthByPolicy ContinueUntilAccept
> AuthBy CheckSQL
> AuthBy CheckAnotherRadiusServer
> </Handler>
>
> Have a look at section 6.27 in the Radiator 2.18.2 reference manual.
>
> hth
>
> Hugh
>
>
> On Wednesday 15 August 2001 00:22, Cliff Cole wrote:
> > Hello,
> >     I have sort of a strange situation that I have not ever thought
about
> > that we would like to do here at my company.  We are wanting to have a
> > realm check a database (or flat file if need be) and if the username is
not
> > in the database it then passes the username at realm on to another radius
> > server for authentication.  If the user is not in our databse when it
> > passes through to the other Radius server it also will set global
> > attributes for the users that get authenticated with the second radius.
I
> > really do not know where to start this configuration, so any help is
very
> > appreciated.
> >
> > Thanks,
> > Cliff
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list