(RADIATOR) rejecting a user in a PreProcessingHook

Matthew Trout MatthewTrout at businessserve.co.uk
Wed May 21 06:45:11 CDT 2003


> I would like to reject users using a PreProcessingHook .  Specifically we
> are doing some session database checks and online time checks and we want
to
> be able to reject a user before we send the Proxy request <AuthBy
SQLRADIUS>

So where is the session database you want to check against?

-----Original Message-----
From: Brandon [mailto:brandon at dialupusa.net] 
Sent: 21 May 2003 12:14
To: radiator at open.com.au
Subject: Re: (RADIATOR) rejecting a user in a PreProcessingHook


Because the user is not in our local database, I dont think an AuthBy SQL
would help.
It would do like you say, return an IGNORE and then just continue on to the
SQLRADIUS
authby clause.   We are trying to find a way to stop the request from going
to the AuthBy clauses
using a PreProcessingHook or PreAuthHook and returning a REJECT_IMMEDIATE
failure
but I can't find a way to do it yet.

***********************************
Brandon Mullenberg
Dialup USA, Inc.
Tel: 888-460-2286 ext 202
Fax: 866-627-8808
Email: brandon at dialupusa.net
**********************************

-

This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.

----- Original Message -----
From: "Matthew Trout" <MatthewTrout at businessserve.co.uk>
To: "'Brandon'" <brandon at dialupusa.net>; <radiator at open.com.au>
Cc: "'Hugh Irvine'" <hugh at open.com.au>
Sent: Wednesday, May 21, 2003 3:59 AM
Subject: RE: (RADIATOR) rejecting a user in a PreProcessingHook


> Wouldn't it be easier to have an <AuthBy SQL> clause first, and to return
> the reject from that? Then your ContinueUntilReject will kick in and the
> <AuthBy SQLRADIUS> request will never take place; however, if the <AuthBy
> SQL> returns nothing, authentication will continue and the proxy will be
> contacted
>
> -----Original Message-----
> From: Brandon [mailto:brandon at dialupusa.net]
> Sent: 21 May 2003 11:11
> To: radiator at open.com.au
> Subject: (RADIATOR) rejecting a user in a PreProcessingHook
>
>
> I would like to reject users using a PreProcessingHook .  Specifically we
> are doing some session database checks and online time checks and we want
to
> be able to reject a user before we send the Proxy request <AuthBy
SQLRADIUS>
> to another radius server.   I have added a PreProcessingHook and the
> following code:
>
>                         my $p = ${$_[0]};
>                         $p->{Handler}->handlerResult($p,
> $main::REJECT_IMMEDIATE, 'exceeded');
>                         return $main::REJECT_IMMEDIATE;
>
> The radius server does reject it, however then immediatly turns around and
> forwards the request to the Proxy server.   This creates unnecessary
> requests and traffic.  Is there any way to reject a user using a
> PreProcessingHook and prevent the user from ever being Proxied?   We are
> using ContinueUntilReject as well.
>
> Wed May 21 09:54:59 2003 758900: INFO: Access rejected for username:
> exceeded
> Wed May 21 09:54:59 2003 870456: INFO: Access rejected for username:
Proxied
>
> ***********************************
> Brandon Mullenberg
> Dialup USA, Inc.
> Tel: 888-460-2286 ext 202
> Fax: 866-627-8808
> Email: brandon at dialupusa.net
> **********************************
>
> -
>
> This e-mail may contain confidential and/or privileged information. If you
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list