(RADIATOR) How to Parse <Handler> before <Realm>

Hugh Irvine hugh at open.com.au
Fri Jan 10 22:33:07 CST 2003


Hello Marc -

Realms are *always* evaluated before Handlers, so you should do this:

<Handler>
	....
</Handler>

instead of

<Realm DEFAULT>
	.....
</Realm>

regards

Hugh


On Saturday, Jan 11, 2003, at 01:48 Australia/Melbourne, Marc wrote:

>
> Hi to everybody,
>
> Does anybody can give me some advice on why all requests that should be
> rejected (the ones with User-Password attribute set to ascend) are 
> granted
> instead ?
>
> The scenario is the following :
>
> The bottom of my radius.cfg file looks like :
>
> <Handler User-Password=ascend>
>
>         <AuthBy INTERNAL>
>                 DefaultResult   REJECT
>         </AuthBy>
>
> </Handler>
>
> <Realm DEFAULT>
>         # Lets check everything and log to SQL
>         AuthBy DoChecks
>
>         # Log authentication success and failure
>         AuthLog myauthlogger
> </Realm>
>
> And there are no more Realm or Handler statements before those.
>
> I've looked into radiator documentation and it says :
>
>     * Look for a Realm with an exact match on the realm name
>     * If still no exact match, look for a matching regular expression
> Realm
>     * If still no match, look for a <Realm DEFAULT>
>     * If still no match, look at each Handler in the order they appear 
> in
> the configuration file until one where all the check items match the
> request.
>     * If still no match, ignore (i.e. do not reply to) the request.
>
> If that's true and I understand it well, how can I do to ALWAYS parse 
> the
> hanlder statement before the Realm DEFAULT ?
>
> Thank you very much in advance,
> M
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list