(RADIATOR) AuthLog AuthBy?
Hugh Irvine
hugh at open.com.au
Thu Feb 20 17:32:27 CST 2003
Hello Jeremy -
Interesting question.
The only thing I can think of is to put an AddToRequest in each of the
AuthBy clauses and logging the contents of both in your AuthLog.
Something like this might work (please let me know if it does):
<Handler ...>
AuthByPolicy ....
<AuthBy LDAP2>
.....
AddToRequest AuthBy1 = LDAP2
</AuthBy>
<AuthBy SQL>
....
AddToRequest AuthBy2 = SQL
</AuthBy>
....
</Handler>
Your logging should include %{AuthBy1} and %{AuthBy2}.
Please let me know how you get on.
regards
Hugh
On Friday, Feb 21, 2003, at 05:51 Australia/Melbourne, Jeremy Hinton
wrote:
> Greetings,
>
> I'm trying to figure out of theres a way to log which AuthBy clause
> issued the Request-Failed via AuthLogSQL. I use a AuthBy LDAP
> primarily, but if that times out i fall back to an AuthBy SQL. When an
> auth attempt gets rejected, i'd like to know if the AuthBy LDAP timed
> out and its the SQL backup thats rejecting them. I've tried the
> following with no luck:
>
> - Setting GlobalVar's in the Authby clauses and then logging those.
> Didn't work since GlobalVars are illegal outside of Global scope
> - Logging %{Handler:AuthBy}. This logged an array referrence.
> - Adding AuthBy specific reply items and logging those with
> %{Reply:xx}. It doesn't appear you can add attributes to a > Auth-Reject.
>
> I though about maybe a PostAuthHook, but that starts to get really
> messy.
>
> Does anyone know of a way to do this? Thanks.
>
> - jeremy
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list