(RADIATOR) MySQL & Simultaneous-Use

Sam Nilsson sam at enabledsites.com
Tue Dec 18 20:24:30 CST 2001


Andy -

If you look at the manual section 6.7.3 you will see the reference to
'AddQuery'. This is the query that SessionDatabaseSQL uses to add
a user to the sessions table.

You can see that the default add query inserts the username as '%u' 
which is the special variable that contains the original username sent 
by the nas BEFORE any rewrites.

You don't need to rewrite the username, you just need to customize the 
AddQuery to insert the username that you would like.

 From the manual:
%n -  The User-Name (i.e. the full user name, including the realm) 
currently being authenticated, after any RewriteUsername was applied.

%U - The User-Name currently being authenticated with the realm (if any) 
stripped off, after any RewriteUsername was applied.

%u -The full original User-Name that was received, before any 
RewriteUsername were applied.


- Sam

Andy Dills wrote:

> Sorry about the blank email. I had tried to cancel the email, as I had
> thought I had figured out the problem, but had accidently sent it instead
> of cancelling (cntrl-x being right next to cntrl-c).
> 
> Anyways, the problem is this: I use the standard realm stripping
> RewriteUsername s/^([^@]+).*/$1/ in my <Realm...> clauses. However, the
> full user at realm.com is being injected into the session db. This isn't
> good, because I have some NASes that send plain usernames with no realms,
> which get routed with a DefaultRealm statement. These logins do not have
> the realm attached when injected into the session db.
> 
> As a result, simultaneous use doesn't work properly, as
> andy at xecu.net != andy
> 
> Any ideas on how to fix this? My initial thought was a RewriteUsername
> clause inside of the <SessionDatabase SQL> statement. That, of course,
> isn't kosher.
> 
> Thanks!
> Andy
> 
> 
> 
> Here's some trace 4:
> 
> First, when the realm is specified:
> 
> Tue Dec 18 05:24:21 2001: DEBUG: Handling request with Handler
> 'Realm=xecu.net'
> Tue Dec 18 05:24:21 2001: DEBUG: Rewrote user name to xandy
> Tue Dec 18 05:24:21 2001: DEBUG: xecu.net Deleting session for
> xandy at xecu.net, 203.63.154.1, 1234
> Tue Dec 18 05:24:21 2001: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='203.63.154.1' and NASPORT=01234
> 
> Tue Dec 18 05:24:21 2001: DEBUG: Handling with Radius::AuthGROUP
> Tue Dec 18 05:24:21 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Dec 18 05:24:21 2001: DEBUG: Handling with Radius::AuthSQL:
> Tue Dec 18 05:24:21 2001: DEBUG: Query is: select ENCRYPTEDPASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='xandy'
> 
> Tue Dec 18 05:24:21 2001: DEBUG: Radius::AuthSQL looks for match with
> xandy
> Tue Dec 18 05:24:21 2001: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='xandy at xecu.net'
> 
> Tue Dec 18 05:24:21 2001: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Dec 18 05:24:21 2001: DEBUG: Access accepted for xandy
> Tue Dec 18 05:24:21 2001: DEBUG: Handling request with Handler
> 'Realm=xecu.net'
> Tue Dec 18 05:24:21 2001: DEBUG: Rewrote user name to xandy
> Tue Dec 18 05:24:21 2001: DEBUG: xecu.net Adding session for
> xandy at xecu.net, 203.63.154.1, 1234
> Tue Dec 18 05:24:21 2001: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='203.63.154.1' and NASPORT=01234
> 
> Tue Dec 18 05:24:21 2001: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESS
> IONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values
> ('xandy at xecu.net', '203.63.154.1', 01234, '00001234', 1008653061, '', 'Async', 'Framed-User')
> 
> Tue Dec 18 05:24:21 2001: DEBUG: Handling with Radius::AuthGROUP
> Tue Dec 18 05:24:21 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Dec 18 05:24:21 2001: DEBUG: Handling accounting with Radius::AuthSQL
> Tue Dec 18 05:24:21 2001: DEBUG: Accounting accepted
> 
> 
> 
> And now when the realm is not specified:
> 
> 
> 
> Tue Dec 18 16:29:20 2001: DEBUG: Handling request with Handler
> 'Realm=xecu.net'
> Tue Dec 18 16:29:20 2001: DEBUG: Rewrote user name to xandy
> Tue Dec 18 16:29:20 2001: DEBUG: xecu.net Deleting session for xandy,
> 203.63.154.1, 1234
> Tue Dec 18 16:29:20 2001: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='203.63.154.1' and NASPORT=01234
> 
> Tue Dec 18 16:29:20 2001: DEBUG: Handling with Radius::AuthGROUP
> Tue Dec 18 16:29:20 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Dec 18 16:29:20 2001: DEBUG: Handling with Radius::AuthSQL:
> Tue Dec 18 16:29:20 2001: DEBUG: Query is: select ENCRYPTEDPASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='xandy'
> 
> Tue Dec 18 16:29:20 2001: DEBUG: Radius::AuthSQL looks for match with
> xandy
> Tue Dec 18 16:29:20 2001: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='xandy'
> 
> Tue Dec 18 16:29:20 2001: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Dec 18 16:29:20 2001: DEBUG: Access accepted for xandy
> Tue Dec 18 16:29:20 2001: DEBUG: Handling request with Handler
> 'Realm=xecu.net'
> Tue Dec 18 16:29:20 2001: DEBUG: Rewrote user name to xandy
> Tue Dec 18 16:29:20 2001: DEBUG: xecu.net Adding session for xandy,
> 203.63.154.1, 1234
> Tue Dec 18 16:29:20 2001: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='203.63.154.1' and NASPORT=01234
> 
> Tue Dec 18 16:29:20 2001: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESS
> IONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values
> ('xandy', '203.63.154.1', 01234, '00001234', 1008692960, '', 'Async', 'Framed-User')
> 
> Tue Dec 18 16:29:20 2001: DEBUG: Handling with Radius::AuthGROUP
> Tue Dec 18 16:29:20 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Dec 18 16:29:20 2001: DEBUG: Handling accounting with Radius::AuthSQL
> Tue Dec 18 16:29:20 2001: DEBUG: Accounting accepted
> 
> 
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Andy Dills                              301-682-9972
> Xecunet, LLC                            www.xecu.net
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Dialup * Webhosting * E-Commerce * High-Speed Access
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
> 


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list