(RADIATOR) Injecting passwords in PreAuthHook.
Mike McCauley
mikem at open.com.au
Fri May 30 21:20:31 CDT 2003
Hello Joao
On Fri, 30 May 2003 03:12 am, Joao Pedro Goncalves wrote:
> Hi,
>
> We are using <AuthBy LDAP2> to retrieve NAS attributes and it's working
> great, but we want our users to be authenticated against a different
> system in PreAuthHook. We've managed to get it working as a proof of
> concept.
>
>
> My question is,
> How can i inject the password in the check item lists, so that later
> it will check it as it should, or how do i issue a REJECT directly from
> PreAuthHook, which would be optimal, since there would be one less
> access to the ldap server.
Perhaps you have not realised that it is possible to use multiple AuthBy
clauses one-after the other:
<Handler ...
AuthByPolicy ...
# Th first AuthBy always runs:
<AuthBy LDAP2>
....
</AuthBy>
# If the AuthByPolicy is met, then it will go on th the next one.
<AuthBy LDAP2>
....
</AuthBy>
....
</Handler>
...
Its not possible with the standard code base to force a REJECT from a
PreAuthHook.
>
> Thank your for your time.
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list