(RADIATOR) multiple portlimit checks
Hugh Irvine
hugh at open.com.au
Sun Oct 14 20:15:34 CDT 2001
Hello Utku -
On Sunday 14 October 2001 03:50, Utku Er wrote:
> I successfully implemented sessiondatabase sql, authby portlimitcheck... I
> will have multiple customers with multiple realms, each having different
> limits for different nasses. Thats also ok, I do that with the
> sessiondatabase, changed the AddQuery etc, I have realms, nasses in my
> sessiondatabase sql.
>
> its flawlessly working but I have a question:
>
> When configuring a REALM I am defining a auth by PORTLIMITCHECK and some
> CountQuery... I want to have portlimit of 10 users for the realm1.com
> AND also want to limit simultaneous use of users in this realm to 1
> user1 at realm1.com should login only once, while there can be 10 max users
> from realm1.com
>
> These are working separately but how can I put multiple checks for this
> realm ? Radiator first should check if user1 at realm1.com has a session, and
> then it should check if realm1.com realm has reached 10 users... and maybe
> some other checks...
>
> I read the mailing list archives and cannot find something related...
>
There are a couple of ways of doing this, however I will assume from the
above that you are using an SQL database for your user records. In which case
you would do something like this:
# define AuthBy clauses
<AuthBy SQL>
Identifier CheckSQL
DBSource ....
DBUsername ....
DBAuth ....
DefaultSimultaneousUse 1
AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
from SUBSCRIBERS where USERNAME = '%n'
AuthColumnDef Password, check
AuthColumnDef GENERIC, check
AuthColumnDef GENERIC, reply
AccountingTable ACCOUNTING
AcctColumnDef .....
......
</AuthBy>
# define Session Database
<SessionDatabase SQL>
Identifier SQLSDB
.....
</SessionDatabase>
# define Realm(s) or Handler(s)
<Realm .....>
AuthByPolicy ContinueWhileAccept
<AuthBy PORTLIMITCHECK>
.....
</AuthBy>
AuthBy CheckSQL
.....
</Realm>
.....
Now in the user records in the SQL database, the CHECKATTR and REPLYATTR
fields can contain multiple check items and reply items like this:
CHECKATTR
Simultaneous-Use = n, .....
REPLYATTR
Session-Timeout = nnn, ......
Have a look at sections 6.7 and 6.28 in the Radiator 2.18.4 reference manual
included in the distribution in the file "doc/ref.html".
If you have any other questions please ask.
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list