(RADIATOR) AuthBy SQLRADIUS and Rewrite

Hugh Irvine hugh at open.com.au
Sun Oct 28 17:44:43 CST 2001


Hello Mark -

On Monday 29 October 2001 07:41, Mark - Orcon Support wrote:
> The new SQLRADIUS function looks awesome, so thanks Hugh and the team for
> all your work on the continued new features for Radiator.
>

Most of the thanks should go to Mike - he's the one who writes the code!

> I was however wondering if there was a way to use per-host rewrite rules
> for usernames and still look up the proxies from an SQL table.
>

Hmmmm - what an interesting idea. There isn't anything you can do with the 
Authby SQLRADIUS clause directly (at the moment), however I suppose you could 
always write a little PreAuthHook to do it before the AuthBy SQLRADIUS clause 
is called.

I think we will wait to see if anyone else has ideas for further enhancements 
and then we will incorporate all of them in Radiator 2.19.1.

If you think of anything else please let us know.

> Eg. we have 8 or so wholesale clients, which we proxy radius to -- and this
> is growing which is why the SQL table would be great; but some of the
> customers have radius servers or operators, which can't handle it when
> realms or the like are being passed  through as the proxy username (or vice
> versa).
>

Tell them to use Radiator.  :-)

> Thus for some of our proxy-customers, we strip the realm for them before
> sending it to them.  Is there a way to do this using the SQLRADIUS handler?
>

See above.

> Also; whilst I think about it -- what is the best way to apply
> PoolHints/etc (we don't let the proxy-customer choose their PoolHint).
>
> I'm guessing this could be handled by a PostAuthHook - and we could perform
> a lookup on the same database, looking for different columns -- but I
> wondered if there was anything better.
>

Hmmm - another interesting idea. What would be extremely useful in this 
context is something similar to the AuthColumnDef in a normal AuthBy SQL, but 
allowing you to add columns to the standard query and use them in similar 
ways to the AuthColumnDef's.

Again - we'll put it on the list and have a bit of a think about it.

Many thanks for the ideas - keep them coming!

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list