(RADIATOR) Auth only on same realm

Hugh Irvine hugh at open.com.au
Thu Jan 30 16:24:49 CST 2003


Hello Tom -

You should not mix Realms and Handlers in the same configuration file 
for exactly this reason - Realms are always evaluated first.

Change your Realms to Handlers like this:

<Realm foo.bar>
	.....
</Realm>

becomes

<Handler Realm = foo.bar>
	.....
</Handler>

Note that Handlers are evaluated in the order they appear in the 
configuration file, so the more specific must appear before the more 
general, keeping in mind that you want the most hit Handlers as close 
to the top of the list as possible.

regards

Hugh


On Friday, Jan 31, 2003, at 04:55 Australia/Melbourne, Tom Swenson 
wrote:

> I have a newsgroup server that I have told to authenticate with the 
> same
> realm as my dial in customers. I created special client for this server
> and then put in an identifier. I thought it would then go to the 
> handler I
> created to just authenticate only. No accounting or sessions. I'm 
> finding
> that it is instead of going to the handler, it is going to the realm. 
> The
> manual says it this is how it will do this.
>
> I don't know what to do now. Here is what I have, but I don't think it
> ever goes to the handler. Is there anything I can specify in the client
> section to make it go to a specific realm or handler?
>
> <Client xx.xx.xx.xx>
>   DupInterval 0
>   IgnoreAcctSignature
>   Secret xxxxxxxxxxx
>   Identifier newsauth
> </Client>
>
> # news group authentication
> <Handler Client-Identifier=newsauth>
>   AuthBy ID_0
>   AuthByPolicy ContinueWhileIgnore
>   RewriteUsername s/^([^@]+).*/$1/
> </Handler>
>
>
> Tom Swenson - CTO
> NetConX - Internet Access - Client Managed Web Database Applications
> Wireless - Virus Blocking - Spam Blocking
> tom at netconx.net 					         http://www.netconx.net
> (641) 421-4170 - Voice	(641) 423-3351 - FAX
>
> Your imagination is your preview of life's coming attractions - Albert
> Einstein
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list