(RADIATOR) "Code" and hooks

Hugh Irvine hugh at open.com.au
Fri Dec 21 15:37:25 CST 2001 

Hello Gustavo -

You cannot do what you are trying to do, because the PostSearchHook fires 
*before* the user is authenticated, therefore the hook will never know the 
result. 

You will need to use a PostAuthHook to check the result.

regards

Hugh


On Fri, 22 Mar 2002 08:10, Gustavo Moreira wrote:
> Hi,
>
> I'm trying to do something depending if in AuthLDAP2 the result was
> Access-Accept , how can I get it in a PostSearchHook ?
>
> [...] In radius.cfg
>         AuthAttrDef     svcstatus,Svc-Status,request
>         PostSearchHook  sub {   my
> ($self,$p,$rp,$entry)=($_[0],$_[2],$_[5],$_[4]);\
>                                 my @attr = $_[4]->get('svcstatus');\
>                                 my $attr = @attr[0];\
>                                 return unless defined($attr);\
>                                 my $codeone=$rp->code;\
>                                 my $codetwo=$p->code;\
>                                 &main::log($main::LOG_DEBUG,"xxxxxxxxxxxx
> $codeone  - $codetwo");\
>                                 return if $rp->code eq 'Access-Reject';\
> [...]
>
> [...]  In Log
> Fri Dec 21 17:56:38 2001: DEBUG: LDAP got result for
> cn=cocar,ou=Radius,ou=Internet,ou=Arnet,o=TS
> Fri Dec 21 17:56:38 2001: DEBUG: LDAP got userPassword: NA17122001
> Fri Dec 21 17:56:38 2001: DEBUG: LDAP got svcstatus: 1
> Fri Dec 21 17:56:38 2001: DEBUG: xxxxxxxxxxxx   - Access-Request
> Fri Dec 21 17:56:38 2001: DEBUG: Radius::AuthLDAP2 looks for match with
> cocar
> Fri Dec 21 17:56:38 2001: DEBUG: Radius::AuthLDAP2 REJECT: Bad Password
> Fri Dec 21 17:56:38 2001: INFO: Access rejected for cocar: Bad Password
> Fri Dec 21 17:56:38 2001: DEBUG: Packet dump:
> *** Sending to 192.168.212.5 port 36442 ....
> [...]
>
> [...] In AuthLDAP2.pm
>         # Perhaps run a hook to do other things with the LDAP data
>         if (defined $self->{PostSearchHook})
>         {
>             # We use an eval so an error in the hook wont
>             # kill us.
>             eval{ &{$self->{PostSearchHook}}($self, $name, $p, $user,
> $entry, $rp);};
>             $self->log($main::LOG_ERR, "Error in PostSearchHook(): $@")
>                 if $@;
>         }
> [...]

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list