(RADIATOR) Can you use SQL if statements in radiator?

Mike McCauley mikem at open.com.au
Fri Nov 28 00:46:57 CST 2003 

On Fri, 28 Nov 2003 05:26 pm, Toomas Kärner wrote:
> Hi
> I'm not sure if AuthSQLStatement  is executed when IgnoreAuthentication is
> set. 

It is not executed.

> I'd suggest to use IgnoreAuthentication, AcctStart only and make an
> AcctSQLStatement instead with the same query.
>
> Rgds.
> Toomas
> ps. I think that then the order change is not needed also.
>
> ----- Original Message -----
> From: "Craig Gittens" <cgittens at sunbeach.net>
> To: "Toomas Kärner" <tomkar at estpak.ee>; "Radiator" <radiator at open.com.au>
> Sent: Thursday, November 27, 2003 11:55 PM
> Subject: RE: (RADIATOR) Can you use SQL if statements in radiator?
>
> > Ok, thanks to Toomas I have come up with this solution but it doesn't
> > work unless I comment out the second AuthBy...it does do an ACCEPT for
> > the
>
> first
>
> > AuthBy but doesn't work for some reason unless I comment out the second
> > AuthBy. Log below. It doesn't send a reply unless I comment out the
> > second AuthBy.
> >
> > Thanks for your help guys.
> >
> > Craig.
> >
> > <Realm oneweek.sunbeach.net>
> >
> > #Will log Authentication failures to SQL table.
> > AuthLog AuthSQLLogger
> >
> > RewriteUsername s/^(.*)\\(.*)/$2\@$1/
> > RewriteUsername s/^([^@]+).*/$1/
> >
> > #Continue to use AuthBy clauses if AccessAccept to get IP Address
> > assigned AuthByPolicy ContinueUntilReject
> > #Show Reject Reason From SQL Authenticate SP Query
> > RejectHasReason
> >
> > <AuthBy SQL>
> > DBSource dbi:ODBC:xx
> > DBUsername xx
> > DBAuth xx
> >
> > FailureBackoffTime 30
> > NoDefault
> > AddToReply Service-Type=Framed-User
> > #DefaultSimultaneousUse 1
> > CaseInsensitivePasswords
> > RejectEmptyPassword
> >
> > # Accounting
> > AccountingTable CallAccounting
> > ....blah
> >
> >
> > # Authentication query - calls function Authenticate.
> > AuthSelect \
> > select \
> > Blah blah blah
> >
> > AuthColumnDef 0,User-Password,check
> > AuthColumnDef 1,GENERIC,check
> > AuthColumnDef 2,GENERIC,reply
> >
> > </AuthBy SQL>
> >
> >
> > <AuthBy SQL>
> > DBSource dbi:ODBC:x
> > DBUsername xx
> > DBAuth xx
> >
> > FailureBackoffTime 30
> > NoDefault
> > IgnoreAuthentication
> > IgnoreAccounting
> >
> > AuthSQLStatement \
> > update Login \
> > set Expiry_Date = getdate() + 7, First_Use = getdate() \
> >         where Login_name = %U and \
> >         First_Use is NULL
> >
> >
> > </AuthBy SQL>
> >
> > </Realm oneweek.sunbeach.net>
> >
> > Thu Nov 27 17:36:01 2003: DEBUG: Packet dump:
> > *** Received from 196.3.210.94 port 2048 ....
> > Code:       Access-Request
> > Identifier: 209
> > Authentic:  <23>_$<28>T<148>9<194><26>?<206><229>)s<207>%
> > Attributes:
> > User-Password =
>
> "n)|<220><137>?<2><161><185><241><152><223><29>/<239><141>"
>
> > NAS-Identifier = "5"
> > User-Name = "sunweek0 at oneweek.sunbeach.net"
> > Acct-Session-Id = "000032E9"
> > Called-Station-Id = "2929700"
> > Calling-Station-Id = "2462280430"
> > NAS-Port = 1288
> > NAS-Port-Type = Async
> > Framed-Protocol = PPP
> > Service-Type = Framed-User
> >
> > Thu Nov 27 17:36:01 2003: DEBUG: Handling request with Handler
> > 'Realm=oneweek.sunbeach.net'
> > Thu Nov 27 17:36:01 2003: DEBUG: Rewrote user name to
> > sunweek0 at oneweek.sunbeach.net
> > Thu Nov 27 17:36:01 2003: DEBUG: Rewrote user name to sunweek0
> > Thu Nov 27 17:36:01 2003: DEBUG:  Deleting session for
> > sunweek0 at oneweek.sunbeach.net, 196.3.210.94, 1288
> > Thu Nov 27 17:36:01 2003: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER = '196.3.210.94' and NASPORT = 1288':
> >
> > Thu Nov 27 17:36:01 2003: DEBUG: Handling with Radius::AuthSQL
> > Thu Nov 27 17:36:01 2003: DEBUG: Handling with Radius::AuthSQL:
> > Thu Nov 27 17:36:01 2003: DEBUG: Query is: 'select LoginPassword,
>
> CheckAttr,
>
> > ReplyAttr from Authenticate('sunweek0', '2462280430', '11/27/2003
>
> 17:36:01',
>
> > 'Async')':
> >
> > Thu Nov 27 17:36:01 2003: DEBUG: Radius::AuthSQL looks for match with
> > sunweek0
> > Thu Nov 27 17:36:01 2003: DEBUG: Radius::AuthSQL ACCEPT:
> > Thu Nov 27 17:36:01 2003: DEBUG: Handling with Radius::AuthSQL
> >
> > Thu Nov 27 17:36:03 2003: DEBUG: Packet dump:
> > *** Received from 196.3.210.94 port 2048 ....
> > Code:       Access-Request
> > Identifier: 209
> > Authentic:  <23>_$<28>T<148>9<194><26>?<206><229>)s<207>%
> > Attributes:
> > User-Password =
>
> "n)|<220><137>?<2><161><185><241><152><223><29>/<239><141>"
>
> > NAS-Identifier = "5"
> > User-Name = "sunweek0 at oneweek.sunbeach.net"
> > Acct-Session-Id = "000032E9"
> > Called-Station-Id = "2929700"
> > Calling-Station-Id = "2462280430"
> > NAS-Port = 1288
> > NAS-Port-Type = Async
> > Framed-Protocol = PPP
> > Service-Type = Framed-User
> >
> > Thu Nov 27 17:36:03 2003: INFO: Duplicate request id 209 received from
> > 196.3.210.94(2048): ignored
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list