(RADIATOR) Handler question

Hugh Irvine hugh at open.com.au
Thu Jul 10 03:35:53 CDT 2003


Hello Andy -

Yes you can use regular expressions with Handlers, and the first match 
is the only match.

If a request can match multiple Handlers, it will only be processed by 
the first one that matches. Therefore the more specific Handlers must 
appear before the more general Handlers in the list.

regards

Hugh


On Thursday, Jul 10, 2003, at 18:21 Australia/Melbourne, Andy De Petter 
wrote:

>
> Hello guys,
>
> I have some questions, about Handler behaviour.  First question, is 
> whether Handlers support regular expression syntax, like Realm does?  
> In section 6.16 in the manual, there isn't any mentioning about that.. 
> but as far as I'm concerned, I think it should be supported - but I 
> would like confirmation. ;)  I don't want to do any regexp matching 
> against the name of the attributes, but rather against the attribute 
> values (something like <Handler Called-Id = /(12345|54321)/i, 
> User-Realm = /(this|that)/i>).
>
> Second question: Realm supersedes Handler definitions in the 
> configuration file, and Handlers get processed sequentially.. but what 
> happens, if a request matches 2 handlers, like in the following case:
>
> my request = me at WHATEVER (Client-Id: 1.1.1.1)
>
> <Handler User-Realm = /WHATEVER/i, Client-Id = /1\.1\.1\.1/>
>    ...
> </Handler>
>
> <Handler User-Realm = /WHATEVER/i>
>    ...
> </Handler>
>
> The request will match the first handler, but what happens if the 
> AuthBy fails at that point?  Will it still continue to the next 
> Handler, or will it immediately send an Access-Reject?
>
> Thanks!
>
> -Andy
>
> -- 
> Andy De Petter - Expert  IT Analyst - andy.de.petter at skybel.net
> Belgacom ANS/EIS/ISA - Carlistraat  2 - 1140 Brussels (Belgium)
> Head office: Koning Albert II Laan 27 - 1030 Brussels (Belgium)
> Tel +32 (0)2 7061170  -  Fax +32 (0)2 7061150  -  ICQ  #1548957
>
> *** DISCLAIMER ***
> This e-mail and any attachments thereto may contain information, which
> is confidential and/or protected by intellectual property rights and
> are intended for the sole use of the recipient(s) named above. Any use
> of the information contained herein (including, but not limited to,
> total or partial reproduction, communication or distribution in any
> form) by persons other than the designated recipient(s) is prohibited.
> If you have received this e-mail in error, please notify the sender
> either by telephone or by e-mail and delete the material from any
> computer. Thank you for your cooperation.
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list