(RADIATOR) Handler question
Hugh Irvine
hugh at open.com.au
Thu Jul 10 03:35:53 CDT 2003
Hello Andy -
Yes you can use regular expressions with Handlers, and the first match
is the only match.
If a request can match multiple Handlers, it will only be processed by
the first one that matches. Therefore the more specific Handlers must
appear before the more general Handlers in the list.
regards
Hugh
On Thursday, Jul 10, 2003, at 18:21 Australia/Melbourne, Andy De Petter
wrote:
>
> Hello guys,
>
> I have some questions, about Handler behaviour. First question, is
> whether Handlers support regular expression syntax, like Realm does?
> In section 6.16 in the manual, there isn't any mentioning about that..
> but as far as I'm concerned, I think it should be supported - but I
> would like confirmation. ;) I don't want to do any regexp matching
> against the name of the attributes, but rather against the attribute
> values (something like <Handler Called-Id = /(12345|54321)/i,
> User-Realm = /(this|that)/i>).
>
> Second question: Realm supersedes Handler definitions in the
> configuration file, and Handlers get processed sequentially.. but what
> happens, if a request matches 2 handlers, like in the following case:
>
> my request = me at WHATEVER (Client-Id: 1.1.1.1)
>
> <Handler User-Realm = /WHATEVER/i, Client-Id = /1\.1\.1\.1/>
> ...
> </Handler>
>
> <Handler User-Realm = /WHATEVER/i>
> ...
> </Handler>
>
> The request will match the first handler, but what happens if the
> AuthBy fails at that point? Will it still continue to the next
> Handler, or will it immediately send an Access-Reject?
>
> Thanks!
>
> -Andy
>
> --
> Andy De Petter - Expert IT Analyst - andy.de.petter at skybel.net
> Belgacom ANS/EIS/ISA - Carlistraat 2 - 1140 Brussels (Belgium)
> Head office: Koning Albert II Laan 27 - 1030 Brussels (Belgium)
> Tel +32 (0)2 7061170 - Fax +32 (0)2 7061150 - ICQ #1548957
>
> *** DISCLAIMER ***
> This e-mail and any attachments thereto may contain information, which
> is confidential and/or protected by intellectual property rights and
> are intended for the sole use of the recipient(s) named above. Any use
> of the information contained herein (including, but not limited to,
> total or partial reproduction, communication or distribution in any
> form) by persons other than the designated recipient(s) is prohibited.
> If you have received this e-mail in error, please notify the sender
> either by telephone or by e-mail and delete the material from any
> computer. Thank you for your cooperation.
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list