(RADIATOR) AuthyByPolicy
Chris Cronje - MWeb
ccronje at mweb.com
Thu May 17 06:10:08 CDT 2001
Thanks for the good reply Hugh.
Chris
> -----Original Message-----
> From: Hugh Irvine [SMTP:hugh at open.com.au]
> Sent: Wednesday, May 16, 2001 2:59 PM
> To: Chris Cronje - MWeb; 'radiator at open.com.au'
> Subject: Re: (RADIATOR) AuthyByPolicy
>
>
> Hello Chris -
>
> You cannot chain AuthBy RADIUS clauses like this, due to the way the
> AuthBy RADIUS clause operates - ie. it is asynchronous. There are two
> ways of dealing with this: first is use the CachePasswords option
> which will tell the clause to cache recent requests and responses and
> use the cached entry in case the proxy does not respond. Otherwise
> you can use a NoReplyHook (there is an example in the file
> "goodies/hooks.txt").
>
> Probably a better approach in any case is to define multiple targets
> for the proxy and have Radiator fail over automatically. There are
> several such modules in Radiator 2.18.1 (RADIUS, ROUNDROBIN,
> VOLUMEBALANCE, LOADBALANCE).
>
> hth
>
> Hugh
>
>
> At 21:54 +0200 15/5/01, Chris Cronje - MWeb wrote:
> >Hi There
> >
> >I was wondering if anyone has done this before ?
> >I'm using Radiator to authenticate off another Radiator server, like a
> >proxy. If the radius server fails, I want my proxy to mark the server
> dead
> >for 10 minutes and then continue to the next Authby clause, which is
> AuthBy
> >FILE.
> >
> >What happens in practise is that if my proxy receives a timeout, it
> >retransmits once, marks the server dead for 10 minutes and then says:
> >
> >Tue May 15 21:53:41 2001: INFO: AuthRADIUS could not find a working host
> to
> >forward to. Ignoring
> >
> >But, it never goes to the next AuthBy statement.
> >
> >Am I doing something wrong in my config here ?
> >
> >
> ><Realm DEFAULT>
> >AuthByPolicy ContinueUntilIgnore
> > <AuthBy RADIUS>
> > Host x.x.x.x
> > Retries 1
> > RetryTimeout 3
> > FailureBackoffTime 600
> > Secret M at x$3$$!0n$
> > </AuthBy>
> >
> > <AuthBy FILE>
> > Filename users
> > AcceptIfMissing
> > </AuthBy>
> >
> ></Realm>
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
>
> --
>
> NB: I am travelling this week, so there may be delays in our
> correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list