(RADIATOR) changing the realm.
Hugh Irvine
hugh at open.com.au
Wed Jul 11 20:35:19 CDT 2001
Hello Griff -
As has been mentioned elsewhere, Realm is not an attribute, rather it
is the suffix on a username after the "@" sign.
hth
Hugh
At 9:50 -0700 01/7/11, Griff Hamlin wrote:
>Hello all,
>
>I am trying to take the username (including realm or not) that comes in
>from the packet, strip the realm and then put on a new one based on the
>radius client that is providing the packet. I have the following in a
>client block:
>
><Client 127.0.0.1>
> RewriteUsername s/^([^@]+).*/$1/
> Secret mysecret
> PreHandlerHook sub { ${$_[0]}->change_attr('Realm','home'); \
> my $request = ${$_[0]}; \
> my $attrref = $request->{Attributes}; \
> my @attr = @$attrref; \
> foreach (@attr) { \
> my @attr2 = @$_; \
> my $attr3; \
> foreach $attr3 (@attr2) { \
> print "attribute is '$attr3'\n"; \
> }\
> }\
> }
></Client>
>
>Mostly, what happens is I try and use the 'change_attr' method to change
>the realm from whatever it was to 'home'. However, when I tried then
>using a <Handler Realm = home> block, it never noticed the new realm,
>and continued with the old realm as per the following log file segment:
>
>attribute is 'User-Name'
>attribute is 'hamlin'
>attribute is 'Service-Type'
>attribute is 'Framed-User'
>attribute is 'NAS-IP-Address'
>attribute is '203.63.154.1'
>attribute is 'NAS-Port'
>attribute is '1234'
>attribute is 'Called-Station-Id'
>attribute is '123456789'
>attribute is 'Calling-Station-Id'
>attribute is '987654321'
>attribute is 'NAS-Port-Type'
>attribute is 'Async'
>attribute is 'Framed-IP-Address'
>attribute is '255.255.255.254'
>attribute is 'User-Password'
>attribute is 'ϸfß5pö¼8 Ø}x'
>attribute is 'Realm'
>attribute is 'home'
>Wed Jul 11 10:45:34 2001: DEBUG: Packet dump:
>*** Received from 65.13.83.72 port 1027 ....
>Code: Access-Request
>Identifier: 124
>Authentic: 1234567890123456
>Attributes:
> User-Name = "hamlin at wf.quik.com"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 1234
> Called-Station-Id = "123456789"
> Calling-Station-Id = "987654321"
> NAS-Port-Type = Async
> Framed-IP-Address = 255.255.255.254
> User-Password =
>"<207><184>f<154><223>5p<246><188>8<9><160><216>}x<153>"
>Wed Jul 11 10:45:34 2001: DEBUG: Rewrote user name to hamlin
>Wed Jul 11 10:45:34 2001: DEBUG: Check if Handler Realm = home should be
>used to handle this request
>Wed Jul 11 10:45:34 2001: DEBUG: Check if Handler should be used to
>handle this request
>Wed Jul 11 10:45:34 2001: DEBUG: Handling request with Handler ''
>Wed Jul 11 10:45:34 2001: DEBUG: Deleting session for
>hamlin at wf.quik.com, 203.63.154.1, 1234
>
>As you can see, when printing out attributes, it shows the Realm to be
>'home', and later when doing the packet dump, the username is
>hamlin at wf.quik.com as it was sent from the radius client. Maybe this is
>not possible, which would be OK I have other ideas to work around it.
>But now I'm curious.
>
>Griff Hamlin, IIII
>
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list