(RADIATOR) Auth only on same realm

Hugh Irvine hugh at open.com.au
Thu Jan 30 17:35:34 CST 2003


Hello Tom -

I don't quite understand your question sorry.

Could you give me a bit more detail please?

If you want usernames without realms to be treated the same way as 
those with realms, you can add a DefaultRealm parameter to your Client 
clauses:

# define Client clauses

<Client ....>
	.....
	DefaultRealm foo.bar
</Client>

.....

regards

Hugh


On Friday, Jan 31, 2003, at 10:04 Australia/Melbourne, Tom Swenson 
wrote:

> I tried this and I think it will work, but I have to figure out a way 
> to
> get the default domain in there. Is there an easier way than to put in 
> an
> identifier for every client and then a handler at the end of my 
> domains to
> catch all the ones without domains?
>
> Thanks again.
>
> Tom Swenson - CTO
> NetConX - Internet Access - Client Managed Web Database Applications
> Wireless - Virus Blocking - Spam Blocking
> tom at netconx.net 					         http://www.netconx.net
> (641) 421-4170 - Voice	(641) 423-3351 - FAX
>
> Your imagination is your preview of life's coming attractions - Albert
> Einstein
>
>
> *********** REPLY SEPARATOR  ***********
>
> On 1/31/2003 at 9:24 AM Hugh Irvine wrote:
>
>> Hello Tom -
>>
>> You should not mix Realms and Handlers in the same configuration file
>> for exactly this reason - Realms are always evaluated first.
>>
>> Change your Realms to Handlers like this:
>>
>> <Realm foo.bar>
>> 	.....
>> </Realm>
>>
>> becomes
>>
>> <Handler Realm = foo.bar>
>> 	.....
>> </Handler>
>>
>> Note that Handlers are evaluated in the order they appear in the
>> configuration file, so the more specific must appear before the more
>> general, keeping in mind that you want the most hit Handlers as close
>> to the top of the list as possible.
>>
>> regards
>>
>> Hugh
>>
>>
>> On Friday, Jan 31, 2003, at 04:55 Australia/Melbourne, Tom Swenson
>> wrote:
>>
>>> I have a newsgroup server that I have told to authenticate with the
>>> same
>>> realm as my dial in customers. I created special client for this 
>>> server
>>> and then put in an identifier. I thought it would then go to the
>>> handler I
>>> created to just authenticate only. No accounting or sessions. I'm
>>> finding
>>> that it is instead of going to the handler, it is going to the realm.
>>> The
>>> manual says it this is how it will do this.
>>>
>>> I don't know what to do now. Here is what I have, but I don't think 
>>> it
>>> ever goes to the handler. Is there anything I can specify in the 
>>> client
>>> section to make it go to a specific realm or handler?
>>>
>>> <Client xx.xx.xx.xx>
>>>   DupInterval 0
>>>   IgnoreAcctSignature
>>>   Secret xxxxxxxxxxx
>>>   Identifier newsauth
>>> </Client>
>>>
>>> # news group authentication
>>> <Handler Client-Identifier=newsauth>
>>>   AuthBy ID_0
>>>   AuthByPolicy ContinueWhileIgnore
>>>   RewriteUsername s/^([^@]+).*/$1/
>>> </Handler>
>>>
>>>
>>> Tom Swenson - CTO
>>> NetConX - Internet Access - Client Managed Web Database Applications
>>> Wireless - Virus Blocking - Spam Blocking
>>> tom at netconx.net 					         http://www.netconx.net
>>> (641) 421-4170 - Voice	(641) 423-3351 - FAX
>>>
>>> Your imagination is your preview of life's coming attractions - 
>>> Albert
>>> Einstein
>>>
>>>
>>> ===
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>> -- 
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>>
>> ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list