(RADIATOR) Auth only on same realm
Tom Swenson
tom at netconx.net
Thu Jan 30 17:04:05 CST 2003
I tried this and I think it will work, but I have to figure out a way to
get the default domain in there. Is there an easier way than to put in an
identifier for every client and then a handler at the end of my domains to
catch all the ones without domains?
Thanks again.
Tom Swenson - CTO
NetConX - Internet Access - Client Managed Web Database Applications
Wireless - Virus Blocking - Spam Blocking
tom at netconx.net http://www.netconx.net
(641) 421-4170 - Voice (641) 423-3351 - FAX
Your imagination is your preview of life's coming attractions - Albert
Einstein
*********** REPLY SEPARATOR ***********
On 1/31/2003 at 9:24 AM Hugh Irvine wrote:
>Hello Tom -
>
>You should not mix Realms and Handlers in the same configuration file
>for exactly this reason - Realms are always evaluated first.
>
>Change your Realms to Handlers like this:
>
><Realm foo.bar>
> .....
></Realm>
>
>becomes
>
><Handler Realm = foo.bar>
> .....
></Handler>
>
>Note that Handlers are evaluated in the order they appear in the
>configuration file, so the more specific must appear before the more
>general, keeping in mind that you want the most hit Handlers as close
>to the top of the list as possible.
>
>regards
>
>Hugh
>
>
>On Friday, Jan 31, 2003, at 04:55 Australia/Melbourne, Tom Swenson
>wrote:
>
>> I have a newsgroup server that I have told to authenticate with the
>> same
>> realm as my dial in customers. I created special client for this server
>> and then put in an identifier. I thought it would then go to the
>> handler I
>> created to just authenticate only. No accounting or sessions. I'm
>> finding
>> that it is instead of going to the handler, it is going to the realm.
>> The
>> manual says it this is how it will do this.
>>
>> I don't know what to do now. Here is what I have, but I don't think it
>> ever goes to the handler. Is there anything I can specify in the client
>> section to make it go to a specific realm or handler?
>>
>> <Client xx.xx.xx.xx>
>> DupInterval 0
>> IgnoreAcctSignature
>> Secret xxxxxxxxxxx
>> Identifier newsauth
>> </Client>
>>
>> # news group authentication
>> <Handler Client-Identifier=newsauth>
>> AuthBy ID_0
>> AuthByPolicy ContinueWhileIgnore
>> RewriteUsername s/^([^@]+).*/$1/
>> </Handler>
>>
>>
>> Tom Swenson - CTO
>> NetConX - Internet Access - Client Managed Web Database Applications
>> Wireless - Virus Blocking - Spam Blocking
>> tom at netconx.net http://www.netconx.net
>> (641) 421-4170 - Voice (641) 423-3351 - FAX
>>
>> Your imagination is your preview of life's coming attractions - Albert
>> Einstein
>>
>>
>> ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
>
>--
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
>-
>Nets: internetwork inventory and management - graphical, extensible,
>flexible with hardware, software, platform and database independence.
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list