(RADIATOR) weird setup

Hugh Irvine hugh at open.com.au
Mon Oct 21 05:28:52 CDT 2002 

Hello Bogdan -

You will need to write a PostAuthHook to do what you describe.

There are some example hooks in the file "goodies/hooks.txt" in the 
Radiator 3.3.1 distribution.

regards

Hugh


On Monday, October 21, 2002, at 07:42 PM, Bogdan TARU wrote:

>
>
> 	Hi Hugh & all,
>
>  Unfortunately, my problem is getting complicated. I need a setup like:
> the DEFAULT user gets a random value for the Session-Timeout, and all 
> the
> other users have a defined Session-Timeout value.
>
>  Up until now, I made something like:
>
>  select concat (attribute,round((rand()*540)+60)) from users where \
> 	user='%0'
>
>  to get the random value. But now, I don't know how to implement the 
> new
> scenario... I thought about making two entries,
>
> User	|	Attribute
> -----------------------------------------------------------------
> DEFAULT | Service-Type=Framed-User,Framed-Protocol=PPP
> -----------------------------------------------------------------
> user1	| 
> Service-Type=Framed-User,Framed-Protocol=PPP,Session-Timeout=3600
>
>
>  But I really don't have any idea on how to add a random value to 
> Default
> (AddToReplyIfNotExist doesn't accept perl functions or sql statements 
> in
> it, does it?
>
>  Could you give me some ideas about this?
>
>  Thanks,
>  bogdan
>
>
> ----------------------------
> iCom Media AG
> Kirchweg 36
> Koln, 50858
> Germany
>
> Phone: +49-(0)221-485-689-16
> Fax  : +49-(0)221-485-689-20
> Mobile:+49-(0)173-906-46-01
>
> On Fri, 18 Oct 2002, Hugh Irvine wrote:
>
>>
>> Hello Bogdan -
>>
>> I would use a DEFAULT entry together with the specific users in your
>> database:
>>
>> USERNAME		REPLYATTRS
>>
>> DEFAULT			Session-Timeout=2700
>>
>> userb			Session-Timeout=3600
>>
>> userc			........
>>
>>
>> Then your Radiator configuration file would look like this:
>>
>> # define Realm or Handler
>>
>> <Realm ....>
>> 	<AuthBy SQL>
>> 		DBSource .....
>> 		DBUsername ....
>> 		DBAuth ....
>>
>> 		AuthSelect select REPLYATTRS from USERS where USERNAME = %0
>>
>> 		AuthColumnDef 0, GENERIC, reply
>>
>> 		AddToReply Service-Type = Framed-User, \
>> 			Framed-Protocol = PPP
>>
>> 	</AuthBy>
>> </Realm>
>>
>> If the user is found directly, the REPLYATTRS for that user will be
>> used, if the user is not found, a second lookup for "DEFAULT" will be
>> done automatically.
>>
>> If you have any other questions, please don't hesitate to ask.
>>
>> regards
>>
>> Hugh
>>
>>
>> On Friday, October 18, 2002, at 03:07 AM, Bogdan TARU wrote:
>>
>>>
>>> 	Hi guys,
>>>
>>>  I have a weirdo requirement and don't know how to implement it in 
>>> the
>>> radiator. So this were the requirements up until now:
>>>
>>> 1. all users should go through. No authentification is done.
>>> 2. the users should be disconnected after, let's say, 45 minutes
>>>
>>>  That mean I had a row in a mysql database saying:
>>>
>>> User | attribute
>>> dc   |
>>> Service-Type=Framed-User,Framed-Protocol=PPP,Session-Timeout=2700
>>>
>>>  And in the radiator I had the setting:
>>>
>>>  AuthSelect select attribute from users where user='dc'
>>>
>>>  That meant the Cisco dialin machine got an answer to disconnect the
>>> user
>>> after 45 minutes.
>>>
>>>  The new requirement is that we should have some special 'usernames',
>>> which get disconnected after, let's say, an hour. Making a new realm
>>> setting for them is out of the question (don't ask why). So, if the
>>> user
>>> 'a' can surf net only for 45minutes, the user 'b' should be able to
>>> surf
>>> the net for 60minutes.
>>>
>>>  What I could do is create a new row in the database, so that I'll
>>> have:
>>>
>>> User | attribute
>>> dc   |
>>> Service-Type=Framed-User,Framed-Protocol=PPP,Session-Timeout=2700
>>> b    |
>>> Service-Type=Framed-User,Framed-Protocol=PPP,Session-Timeout=3600
>>>
>>>  But I don't know how to construct a query in MySQL to return me
>>> attribute_2700 in case user != 'b' and attribute_3600 if user == 'b'.
>>> Of
>>> course, mysql doesn't support subselects, and changing the database 
>>> is
>>> not
>>> really an option.
>>>
>>>  So, could you enlighten me and tell me what's the easiest way of 
>>> doing
>>> this?
>>>
>>>  Thanks,
>>>  bogdan
>>>
>>> ----------------------------
>>> iCom Media AG
>>> Kirchweg 36
>>> Koln, 50858
>>> Germany
>>>
>>> Phone: +49-(0)221-485-689-16
>>> Fax  : +49-(0)221-485-689-20
>>> Mobile:+49-(0)173-906-46-01
>>>
>>> ===
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list