(RADIATOR) SnmpgetProg and DefaultRealms
Jeremy Hinton
jgh at visi.net
Thu Feb 27 15:23:23 CST 2003
Hugh & Mike,
While working on locking down multiple logins recently, i noticed an
interesting situation. I have a default realm of visi.net, so logging in as
bob and bob at visi.net are treated the same. I log into the server as bob. i
then try to log in to the server as bob at visi.net. Now, i can tailor my SQL
lookups to catch this multiple login no problem. *However*, when the NAS
itself gets queried with the SnmpgetProg, it only checks against what the
term server responds with, which may or may not include the realm. Now, i
made a quick hack to the Bay.pm module to auto add my default realm to both
the result and the username if no realm is specified, but it was a quick
and dirty hack hard-coding my realm. Maybe i'm missing some way to do this
already, but i couldn't find it. I suppose this would be a feature request
then :). At any rate, heres my quick patch:
bash-2.05# diff -C1 Bay.pm Bay.pm.old
*** Bay.pm Thu Feb 27 16:01:28 2003
--- Bay.pm.old Sun Mar 24 18:10:51 2002
***************
*** 28,34 ****
{
! my $match = $1;
! $match .= "\@visi.net" unless ($match =~ /\@/);
! $name .= "\@visi.net" unless ($name =~ /\@/);
!
! return $match eq $name;
}
--- 28,30 ----
{
! return $1 eq $name;
}
- jeremy
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list