(RADIATOR) AuthBy External cascading accounting requests

Hugh Irvine hugh at open.com.au
Thu Mar 27 16:07:46 CST 2003 

Hello Joshua -

I will need to see a trace 4 debug from Radiator showing what is 
happening. And it would also be useful to see any debug messages from 
your external programs showing what the exit status is.

BTW - it is often easier to use Handlers and/or hooks for this sort of 
thing.

# define Handlers

<Handler Request-Type = Accounting-Request>
	# deal with accounting requests
	....
</Handler>

<Handler>
	# deal with authentication
	.....
</Handler>

You will find some example hooks in the file "goodies/hooks.txt".

regards

Hugh


On Thursday, Mar 27, 2003, at 21:01 Australia/Melbourne, Joshua Masiko 
wrote:

> According to the radiator documentation
>  
>
> The exit status of the external command determines what type of reply 
> is to be sent in response to the request:
>
> • 	 0 Means reply with an acceptance. For Access-Requests, an 
> Access-Accept will be sent. For Accounting-Requests, an 
> Accounting-Response will be sent.
> • 	 1 Means reply with a rejection. For Access-Requests, an 
> Access-Reject is sent. For Accounting-Requests, no response is sent.
> • 	 2 Means don't send any reply. This will also make the Realm fall 
> through to the next AuthBy module if you specified more than one for 
> this Realm (but see also AuthByPolicy).
>
>  
> I have two programs . My understanding is that prog1 is called for all 
> requests. In prog1 if a certain condition is met it returns a value of 
> 2 otherwise it returns a value of zero My problem is that even when it 
> returns 0 prog2 is still run.
>  
> My config file looks like this
>  
> <Realm DEFAULT>
>         AuthByPolicy ContinueWhileIgnore
>         <AuthBy FILE>
>                 IgnoreAccounting
>                 Filename %D/users
>         </AuthBy>
>         # Log accounting to a detail file
>         <AuthBy EXTERNAL>
>                 IgnoreAuthentication
>                 Command /home/joshua/work/newapp/prog1
>         </AuthBy>
>        <AuthBy EXTERNAL>
>                IgnoreAuthentication
>                Command /home/joshua/work/newapp/prog2
>        </AuthBy>
>         AcctLogFileName %L/detail
> </Realm>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 2662 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030328/2c892ba0/attachment.bin>

More information about the radiator mailing list